PlanetCreator has reported another critical XSS Vulnerability on classified listings site Ads.com.mm

Cross Site Scripting is a client-side attack where an attacker can craft a malicious link, containing script- code which is then executed within the victim’s browser when the target site vulnerable to and injected with XSS is viewed. The script-code can be any language supported by the browser but mostly HTML and Javascript is used along with embedded Flash, Java or ActiveX.

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Misconfigured security features or Incorrect use of security

Session cookie is not randomized enoughNumerous applications use a session cookie to maintain the state of a logged in user. The use of authentication to validate the user that has

Read More

critical XSS vulnerability on Accounts Chamber of the Russian Federation http://www.ach.gov.ru

PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on Accounts Chamber of the Russian Federation http://www.ach.gov.ru These are some information from Vulneral Site http://www.ach.gov.ru: This vulnerability has been

Read More

Introducing SpearPhisher – A Simple Phishing Email Generation Tool

SpearPhisher is a simple point and click Windows GUI tool designed for (mostly) non-technical people who would like to supplement the education and awareness aspect of their information security program.

Read More