My self Vikas chaudhary .I’m Cyber Security Analyst ,I found that specified PHP Scripts Mall Auditor Website 2.0.1 has XSS vulnerability via the lastname or firstname parameter. To exploit the vulnerability, the following steps were taken.
Go to site “ http://220.127.116.11/~projclient/client/auditor/ ” or CLICK HERE
Select REGISTER page (Register now)
Create an account using your Email address => in FIRST NAME and LAST NAME , put this script < *img src =x onError=alert("VIKAS")> [ Note=> Remove * from script]
Now Check your Email and Verify it.
Again come to site and login it using your Verified Email and Password .
You will having popup VIKAS in you account when you loged in.
>>Click here to Contact Me< <<