Hua Zhong system discoveredXSSvulnerability, affecting thousands of hosting service providers
Hua Zhong, the WinIIS, star outside AMAXSSvulnerability is proof many times, the estimates are now fixed.
But Hua all the following vulnerabilities, the estimate I was the first one found.
Spend a few dollars in a treasure buy a months pay space, ask the Chinese congregation of the system after tests are there this problem the program should be the latest version of 6. 5 in.
1, invest a few dollars in a treasure buy a space, is one of the well system.
2, a bought the host, point to senior management. Just find a input box and I test the online decompress it. Input(he is the filtered'):
<img src=1.gif onerror=alert("x");>
3, to prompt the operation fails. The actual successful. Slowly, etc. if impatient, you can contact the seller online extract not available.... and
4, as long as the seller in the background to open the operation log that we succeeded.
5, has scored permissions:
I'm law-abiding good citizens, has been the vulnerability returned to the seller. The seller sent a permanent 5G of space, force.。。。。
Hung it, the domain name。。。。。。。
Filter html characters. A later test under winiis and stars outside, also should be good to go.