Critical XSS Vulnerability in http://www.yangon.com.mm

Home / Hacking, News, Security / Critical XSS Vulnerability in http://www.yangon.com.mm

August 26, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on MM Search Engine http://www.yangon.com.mm

These are some information from Vulneral Site http://www.yangon.com.mm:

This vulnerability has been alerted to webmaster

Vulnerability Link is as follow http://www.yangon.com.mm/

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Non-persistent XSS vulnerabilities Samâ€™s Whois

Samâ€™s Whois is a free php class with supporting scripts which make adding a domain name whois lookup to your website incredibly simple. Main Features * All major tlds supported

LFI Scanner By GlaDiaT0R

#!/usr/bin/perl #LFI Scanner By GlaDiaT0R #My Mail: the_gl4di4t0r[AT]hotmail[DOT]com #Home Page: DarkGh0st.Com #Greetz To Boomrang_victim, Marwen_Neo & All Tunisian Hackers #www.darkgh0st.net #www.tunisian-power.net More Info http://www.planetcreator.net/planetcreator/perls.php?id=37

Local File Inclusion (LFI) tutorial

This tutorial will guide you into the process of exploiting a website through the LFI (Local File Inclusion). First lets take a look at a php code that is vulnerable

[webapps] OpenEMR 7.0.2 - Arbitrary File Read
on June 8, 2026 at 12:00 am
OpenEMR 7.0.2 - Arbitrary File Read
[webapps] WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection
on June 5, 2026 at 12:00 am
WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection
[webapps] WordPress OrderConvo 14 - Path Traversal
on June 1, 2026 at 12:00 am
WordPress OrderConvo 14 - Path Traversal
[webapps] Drupal Core 10.5.5 - Error-Based SQL Injection
on June 1, 2026 at 12:00 am
Drupal Core 10.5.5 - Error-Based SQL Injection
[webapps] YAMCS yamcs-core 5.12.7 - LDAP Injection
on May 30, 2026 at 12:00 am
YAMCS yamcs-core 5.12.7 - LDAP Injection