Security Researcher $@T0R! reported another XSS vulnerability in http://www.youthdreams.net

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

Vul: – http://youthdreams.net

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

What is “Clickjacking“? The latest Adobe Flash clipboard hijack attack

A new Web attacks is now in the wild. It’s named clickjacking – as discussed at the OWASP NYC AppSec 2008 Conference. Clickjacking is actually clipboard hijacking by adobe flash

Read More

Critical SQL Injection in www.kmd.com KMD Group of Companies

PlanetCreator.Net’s Security Team Member Info Freakzz <infofreakzzz(at)gmail.com> has reported another critical SQL Injection (vulnerability) on http://www.kmd.com.sg owned by KMD Group of Companies These are some information from Vulneral Site http://www.kmd.com.sg

Read More

Selection of tools to automate an attack SQL Injection

sqlmap (http://sqlmap.sourceforge.net/) Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server. Partially supported: Microsoft Access, DB2, Informix, Sybase and Interbase. SQL Power Injector (http://www.sqlpowerinjector.com/) Implemented support for: Microsoft SQL Server,

Read More