Posted by : Unknown
Kamis, 21 Februari 2013
A Pakistani Security Researcher Ali Hasan Ghauri - founder of AHPT has discovered XSS Vulnerability on Filehippo.com main site. Vulnerability still exists
Last time we published news of W3Schools vulnerable to same XSS flaw reported by the security researcher.
[#] - Website:
http://www.sify.com
[#] - Vulnerable link (POC):
http://www.filehippo.com/it/download_ccleaner/%27%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert%28%22XSS%20By%20Ali%20Hasan%20Ghauri%22%29%3C/script%3E
[#] - Vulnerability Type:
XSS (Cross Site Scripting)
[#] - Status:
Not Fixed [Critical]
[#] - Tested on:
Firefox 18.0.1
The Youngest Pakistani Security Researcher "Ali Hasan Ghauri" (AHPT) also Found Vulnerabilities on Big Tech Sites on Skype , Adobe, Asia Cnet, Yellowpages, visualstudiomagazine ,Filehippo ,CnetDownloads, US.Acer, W3Schools, Hamariweb & Many More.
About Filehippo:
FileHippo is an Internet download website that offers open source, freeware, and shareware programs for Windows. It does not accept user uploaded files.The website also offers its own software, FileHippo Update Checker, a free program that scans a computer and then reports out-dated software in a web-page, offering links to updated versions.
According to Quantcast, FileHippo receives more than three million US visitors each month and Alexa lists FileHippo among the 700 most visited websites worldwide.
More News of XSS flaw can be found here.
Rating: 4.5
Reviewer: Unknown
ItemReviewed: FileHippo Vulnerable to XSS flaw found by Security researcher
Related Posts :
- Back to Home »
- AHPT , Ali Hasan Ghauri , Filehippo , Vulnerability , XSS , Youngest Security Researcher »
- FileHippo Vulnerable to XSS flaw found by Security researcher