Critical XSS Vulnerability in http://www.yangon.com.mm

Home / Hacking, News, Security / Critical XSS Vulnerability in http://www.yangon.com.mm

August 26, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on MM Search Engine http://www.yangon.com.mm

These are some information from Vulneral Site http://www.yangon.com.mm:

This vulnerability has been alerted to webmaster

Vulnerability Link is as follow http://www.yangon.com.mm/

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

XSS: Types and Uses

We all know that XSS is the most common exploit to be found in any website. However, different forms of XSS have different uses, as i will cover in this

Login Bypass vulnerability of Myanmar Sites (Fixed)

Last week PlanetCreator informed Security Weakness of Myanmar Uready http://www.myanmaruready.com/ and Su Aung Phyo Co., Ltd. http://www.suaungphyo.com to their webmaster and fixed as long as we reported. SQL injection is

Critical XSS Vulnerability in http://shwephonecard.com registered parent company is â€œMMM Network L.L.C.â€

PlanetCreator.Net’s Security Team Member Info Freakzz <infofreakzzz(at)gmail.com> has reported another critical XSS vulnerability on http://www.shwephonecard.comÂ registered parent company is â€œMMM Network L.L.C.â€ These are some information from Vulneral Site http://www.shwephonecard.com:

[webapps] BookStack 25.12.1 - Denial of Service
on May 21, 2026 at 12:00 am
BookStack 25.12.1 - Denial of Service
[webapps] FUXA 1.2.9 - RCE
on May 21, 2026 at 12:00 am
FUXA 1.2.9 - RCE
[webapps] solaredge - (CSRF-OOB-Injection)
on May 21, 2026 at 12:00 am
solaredge - (CSRF-OOB-Injection)
[local] Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path
on May 21, 2026 at 12:00 am
Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path
[webapps] Cockpit 359 - RCE
on May 21, 2026 at 12:00 am
Cockpit 359 - RCE