PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on MM Search Engine http://www.yangon.com.mm

These are some information from Vulneral Site http://www.yangon.com.mm:

This vulnerability has been alerted to webmaster

Vulnerability Link is as follow http://www.yangon.com.mm/

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

XSS Stealing Cookies

This method (XSS attacks) is for get the cookies users, so, for get information of users… and then, login into the account of the victim user…u will have to give

Read More

Critical persistent xss vulnerabilities at IPAY : Myanmar Online payment Official Site

This evening, I found a fascinated  big bill board “IPAY” http://www.ipay.com.mm at Thamine Junction, Yangon, Myanmar. Then, I said my friend “googl3group” about it, and said  “NO XSS, NO SQL

Read More

Selection of tools to automate an attack SQL Injection

sqlmap (http://sqlmap.sourceforge.net/) Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server. Partially supported: Microsoft Access, DB2, Informix, Sybase and Interbase. SQL Power Injector (http://www.sqlpowerinjector.com/) Implemented support for: Microsoft SQL Server,

Read More