SEO, Search Engines info, Blogging, SEO tools, Gadgets ,Gizmos ,Latest Gadgets, concept cars, car news
SeekHub.net
The Gadget & Concept Car Playground
RSS Feed

Search


24th January 2008

Cross Site Scripting on Whois

Here’s a very nice XSS find by Klaus:

Most domain registrars (have yet to find one that does) will not filter what you put on your REGISTRANT CONTACT INFO and WILL allow the script tag!

Considering how many sites scrape or use Whois info, I’d say that a hole like that is pretty massive for hackers.

Posted under SEO Blackhat
Comments: 0
Read more









Tags

Copyright © 2008 tokenkiwi.com | Powered by Wordpress
Site maintained by SEO Services