PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on MM Search Engine http://www.yangon.com.mm
These are some information from Vulneral Site http://www.yangon.com.mm:
This vulnerability has been alerted to webmaster
Vulnerability Link is as follow http://www.yangon.com.mm/
We hope that your security staff will look into this issue and fix it as soon as possible.
Directory Traversal Overview Directory Traversal vulnerabilities occur once again when the user supplied input is not validated. You think we would get tired of saying this, but it appears this
sqlmap (http://sqlmap.sourceforge.net/) Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server. Partially supported: Microsoft Access, DB2, Informix, Sybase and Interbase. SQL Power Injector (http://www.sqlpowerinjector.com/) Implemented support for: Microsoft SQL Server,
Here’s a new way to get Microsoft to pay attention to you: slip a brief message into the malicious Trojan horse program you just wrote. That’s what an unnamed Russian