PlanetCreator has reported another critical XSS Vulnerability on classified listings site Ads.com.mm

Cross Site Scripting is a client-side attack where an attacker can craft a malicious link, containing script- code which is then executed within the victim’s browser when the target site vulnerable to and injected with XSS is viewed. The script-code can be any language supported by the browser but mostly HTML and Javascript is used along with embedded Flash, Java or ActiveX.

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Critical SQL Injection in Enjoy (http://www.enjoy.net.mm)

PlanetCreator reported another critical SQL injection (vulnerability) on several sites of Enjoy (http://www.enjoy.net.mm) SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer

Read More

How does a cross site scripting (XSS) attack work?

A cross site scripting attack works in the following manner: * The attacker identifies a web site that has one or more XSS bugs for example, a web site that

Read More

What is DNS hijacking?

DNS hijacking is the process of altering the name server records and redirecting the users to a bogus website. As everyone knows every domain name depends on its name server

Read More