Critical XSS Vulnerability in http://www.yangon.com.mm

Home / Hacking, News, Security / Critical XSS Vulnerability in http://www.yangon.com.mm

August 26, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on MM Search Engine http://www.yangon.com.mm

These are some information from Vulneral Site http://www.yangon.com.mm:

This vulnerability has been alerted to webmaster

Vulnerability Link is as follow http://www.yangon.com.mm/

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Basic MS-DOS commands

ADDUSERS – Add or list users to/from a CSV file ARP Address – Resolution Protocol ASSOC – Change file extension associations ASSOCIAT – One step file association AT – Schedule

Credit go to sam207 TABLE OF CONTENT: #INTRO #WHAT IS DATABASE? #WHAT IS SQL INJECTION? #BYPASSING LOGINS #ACCESSING SECRET DATA #Checking for vulnerability #Find the number of columns #Addressing vulnerable

Google Hacking

Using Google, and some finely crafted searches we can find a lot of interesting information.For Example we can find: Credit Card Numbers Passwords Software / MP3’s …… (and on and

[webapps] BookStack 25.12.1 - Denial of Service
on May 21, 2026 at 12:00 am
BookStack 25.12.1 - Denial of Service
[webapps] FUXA 1.2.9 - RCE
on May 21, 2026 at 12:00 am
FUXA 1.2.9 - RCE
[webapps] solaredge - (CSRF-OOB-Injection)
on May 21, 2026 at 12:00 am
solaredge - (CSRF-OOB-Injection)
[local] Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path
on May 21, 2026 at 12:00 am
Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path
[webapps] Cockpit 359 - RCE
on May 21, 2026 at 12:00 am
Cockpit 359 - RCE