PlanetCreator has reported another critical XSS vulnerability in the Ministry of Transport website, http://www.mot.gov.mm/

Cross-site scripting (XSS) is a type of computer security vulnerability, typically found in web applications, that enables attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same-origin policy.

This issue is critical and has been reported to [email protected]

We hope that your security staff will look into this issue and fix it as soon as possible.
