Search This Blog

Powered by Blogger.

Blog Archive

Labels

Persistent XSS Vulnerability found in VirusChief.com


A Hacker named as "ring0" discovered and exploit the Persistent XSS vulnerability in VirusChief.com . whenever someone visit the page, it will popup with your cookie information. Hope, it is not stealing any cookie from you for now. Anyway, be careful while visiting the link(clear your cookies).

Infected Link:
http://www.viruschief.com/report.html?report_id=8004c2e835edbc097fdbe84282643813295a21e3

Hacker upload the file that renamed as
<BODY ONLOAD=alert(document.cookie)>

This HTML with javascript will do the popup message with cookie. When the file is uploaded in the page, it replace the original<body> tag with the above tag.

Update:They fixed this Vulnerability.
Share it:

Vulnerability

Web Application Vulnerability

XSS Vulnerability