Critical XSS Vulnerability in http://www.yangon.com.mm

Home / Hacking, News, Security / Critical XSS Vulnerability in http://www.yangon.com.mm

August 26, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on MM Search Engine http://www.yangon.com.mm

These are some information from Vulneral Site http://www.yangon.com.mm:

This vulnerability has been alerted to webmaster

Vulnerability Link is as follow http://www.yangon.com.mm/

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Yet another simple Google Docs hack

A simple hack that allow you to edit read only Google docs is explained here http://googlesystem.blogspot.com/2009/01/copy-google-documents-to-your-account.html It works and all you need is to hack the url a bit like

What Damage Can Hackers Do?

Hackers like to subvert computer security without permission. They are cyber criminals. This can mean gaining access to a computer across the Internet for illicit purposes. They might engage in

Basic MS-DOS commands

ADDUSERS – Add or list users to/from a CSV file ARP Address – Resolution Protocol ASSOC – Change file extension associations ASSOCIAT – One step file association AT – Schedule

[webapps] Flowise 3.0.4 - Remote Code Execution (RCE)
on October 31, 2025 at 12:00 am
Flowise 3.0.4 - Remote Code Execution (RCE)
[webapps] Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
on October 29, 2025 at 12:00 am
Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
[local] Mbed TLS 3.6.4 - Use-After-Free
on September 16, 2025 at 12:00 am
Mbed TLS 3.6.4 - Use-After-Free
[webapps] Concrete CMS 9.4.3 - Stored XSS
on September 16, 2025 at 12:00 am
Concrete CMS 9.4.3 - Stored XSS
[webapps] XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)
on September 16, 2025 at 12:00 am
XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)