Critical XSS Vulnerability in The New Era Journal http://www.khitpyaing.org

Home / Hacking, News, Security / Critical XSS Vulnerability in The New Era Journal http://www.khitpyaing.org

August 26, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on http://www.khitpyaing.org

These are some information from Vulneral Site http://www.khitpyaing.org:

This vulnerability has been alerted to webmaster: [email protected]

Vulnerability Link is as follow http://khitpyaing.org

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Finding vulnerabilities in PHP scripts

Contents : * 1) About * 2) Some stuff * 3) Remote File Inclusion * 3.0 – Basic example * 3.1 – Simple example * 3.2 – How to fix

XSS Shell

This script in asp permettedi executing of the commandos taking advantage of a bug of the XSSper greater info you can see the video: Code: http://ferruh.mavituna.com/xssshell/demo/ and the shell: Code:

Social Engineering is no science, it is pure trickery!

The term â€œSocial Engineeringâ€ sounds like a serious academic subject on reforming a wayward society! Alas, far from the truth, it is pure and simple trickery, a con job. The

[webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
on November 15, 2024 at 12:00 am
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
[webapps] reNgine 2.2.0 - Command Injection (Authenticated)
on October 1, 2024 at 12:00 am
reNgine 2.2.0 - Command Injection (Authenticated)
[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
on October 1, 2024 at 12:00 am
dizqueTV 1.5.3 - Remote Code Execution (RCE)
[webapps] openSIS 9.1 - SQLi (Authenticated)
on October 1, 2024 at 12:00 am
openSIS 9.1 - SQLi (Authenticated)
[dos] Windows TCP/IP - RCE Checker and Denial of Service
on August 28, 2024 at 12:00 am
Windows TCP/IP - RCE Checker and Denial of Service