PlanetCreator has reported another critical XSS Vulnerability on classified listings site Ads.com.mm

Cross Site Scripting is a client-side attack where an attacker can craft a malicious link, containing script- code which is then executed within the victim’s browser when the target site vulnerable to and injected with XSS is viewed. The script-code can be any language supported by the browser but mostly HTML and Javascript is used along with embedded Flash, Java or ActiveX.

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

What are the countermeasures against sniffer attacks?

It is quite difficult to overcome sniffer attacks. However, the following steps can be taken as countermeasures against such attacks: * Use encrypted protocols for all communication. * Segment the

Read More

How To Bypass Ownership Permission

Conditions: ————– 777 Directory What Is This: ————– You Uploaded Shell With With “NoBody” Permission Let’s Say You Browse To Another Folder Which Is 777 But All Files Are 755

Read More

LFI/RFI testing and exploiting with fimap

fimap is currently under development but still usable. Feel free to test it! This document and tool is not recommend for people who doesn’t know what LFI/RFI is. If you

Read More