PlanetCreator has reported another critical XSS Vulnerability on classified listings site Ads.com.mm

Cross Site Scripting is a client-side attack where an attacker can craft a malicious link, containing script- code which is then executed within the victim’s browser when the target site vulnerable to and injected with XSS is viewed. The script-code can be any language supported by the browser but mostly HTML and Javascript is used along with embedded Flash, Java or ActiveX.

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Critical SQL Injection in www.kmd.com KMD Group of Companies

PlanetCreator.Net’s Security Team Member Info Freakzz <infofreakzzz(at)gmail.com> has reported another critical SQL Injection (vulnerability) on http://www.kmd.com.sg owned by KMD Group of Companies These are some information from Vulneral Site http://www.kmd.com.sg

Read More

Local File Inclusion (LFI) tutorial

This tutorial will guide you into the process of exploiting a website through the LFI (Local File Inclusion). First lets take a look at a php code that is vulnerable

Read More

Dyne’s Hackers List v1.10

0x01 – Definitions: Hacker vs Cracker The New Hacker’s Dictionary defines Hacker as: “A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as

Read More