Unfixed XSS vulnerability at www.mp7indir.com

ID XSSED:55031
Type xssed
Reporter Alaim-iZaaf
Modified 2011-12-18T00:00:00


Security researcher Alaim-iZaaf, has submitted on 30/11/2008 a cross-site-scripting (XSS) vulnerability affecting www.mp7indir.com, which at the time of submission ranked 3805500 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 18/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.mp7indir.com/ara.php?q=<script>alert(String.fromCharCode(097,%20108,%20097,%20105,%20109,%20105,%20122,%20097,%20097,%20102%20))</script>