The grey hat hacker collective TeamHav0k recently discovered a significant vulnerability in the popular genealogy Web site

"TeamHav0k published a small proof of concept that shows the existence of the vulnerability, along with some database tables to demonstrate that the cross-site scripting (XSS) and the SQL Injection issues they uncovered can be exploited by hackers who don’t have the most honorable intentions," writes Softpedia's Eduard Kovacs.

"It’s uncertain at this time if's webmasters have been directly notified by the group regarding these vulnerabilities," Kovacs writes.

Go to "TeamHav0k Explains the Perils Behind the Flaws in" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.