Critical XSS Vulnerability in http://www.yangon.com.mm

Home / Hacking, News, Security / Critical XSS Vulnerability in http://www.yangon.com.mm

August 26, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on MM Search Engine http://www.yangon.com.mm

These are some information from Vulneral Site http://www.yangon.com.mm:

This vulnerability has been alerted to webmaster

Vulnerability Link is as follow http://www.yangon.com.mm/

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Best Server Security Configuration

Best Server Security Configuration. Summary 1) Upgrade Apache/PHP, MySQL, OpenSSH, OpenSSL, cP/WHM etc2) cP/WHM Configuration3) SSH Access4) Mod_Security5) Firewall6) DDoS Protection7) Rootkit8) PHP Configuration9) Other10)The End Author: QKrun1x 1) Upgrade

What are the security holes in the Basic Authentication scheme?

The Basic Authentication scheme uses the username and password and encrypts the password using base64 encoding. In spite of this, there are still many security holes in the Basic Authentication

ModSecurity

ModSecurity is a web application firewall (WAF). With over 70% of attacks now carried out over the web application level, organisations need all the help they can get in making

[webapps] OpenRepeater 2.1 - OS Command Injection
on December 3, 2025 at 12:00 am
OpenRepeater 2.1 - OS Command Injection
[webapps] MobileDetect 2.8.31 - Cross-Site Scripting (XSS)
on December 3, 2025 at 12:00 am
MobileDetect 2.8.31 - Cross-Site Scripting (XSS)
[webapps] phpIPAM 1.4 - SQL-Injection
on December 3, 2025 at 12:00 am
phpIPAM 1.4 - SQL-Injection
[webapps] phpMyFaq 2.9.8 - Cross Site Request Forgery (CSRF)
on December 3, 2025 at 12:00 am
phpMyFaq 2.9.8 - Cross Site Request Forgery (CSRF)
[webapps] Django 5.1.13 - SQL Injection
on December 3, 2025 at 12:00 am
Django 5.1.13 - SQL Injection