Critical XSS Vulnerability in http://www.yangon.com.mm

Home / Hacking, News, Security / Critical XSS Vulnerability in http://www.yangon.com.mm

August 26, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on MM Search Engine http://www.yangon.com.mm

These are some information from Vulneral Site http://www.yangon.com.mm:

This vulnerability has been alerted to webmaster

Vulnerability Link is as follow http://www.yangon.com.mm/

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Bypassing Shell Security

Safemode = On (Secure) Disables Functions = dl, passthru, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, pfsockopen, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid ================ Create A File “Php.ini” In Some Writeable

10 steps you can take to improve your online security

1. Ensure that you login to an official site * Ensure that you login to an official site (eg. http://www.planetcreator.net) 2. Choose passwords that are hard to guess. Avoid using

LFI Scanner By GlaDiaT0R

#!/usr/bin/perl #LFI Scanner By GlaDiaT0R #My Mail: the_gl4di4t0r[AT]hotmail[DOT]com #Home Page: DarkGh0st.Com #Greetz To Boomrang_victim, Marwen_Neo & All Tunisian Hackers #www.darkgh0st.net #www.tunisian-power.net More Info http://www.planetcreator.net/planetcreator/perls.php?id=37

[webapps] D-Link DIR-650IN - Authenticated Command Injection
on April 10, 2026 at 12:00 am
D-Link DIR-650IN - Authenticated Command Injection
[local] NetBT e-Fatura - Privilege Escalation
on April 10, 2026 at 12:00 am
NetBT e-Fatura - Privilege Escalation
[local] ZSH 5.9 - RCE
on April 9, 2026 at 12:00 am
ZSH 5.9 - RCE
[webapps] Jumbo Website Manager - Remote Code Execution
on April 9, 2026 at 12:00 am
Jumbo Website Manager - Remote Code Execution
[webapps] RomM 4.4.0 - XSS_CSRF Chain
on April 9, 2026 at 12:00 am
RomM 4.4.0 - XSS_CSRF Chain