OVH.ie search form XSS bug
Vulnerable page: http://www.ovh.ie/PoC
"><img src=http://te-home.net/images/logo.png>
It is enough to insert any XSS code directly into search field and your code will be executed and displayed by /js/search/gsearch.js script right away.
Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.
Norman.com download submission form XSS bug
Vulnerable page: http://www.norman.com/home_and_small_office/trials_downloads/Specified page shows a frame linked from http://newton.norman.com/, so you have to post to that frame in order for XSS to work.
PoC
POST /reg.php HTTP/1.1Host: newton.norman.com
name="><img src=http://te-home.net/images/logo.png>
You can either include any XSS code in name input box, or request any XSS code directly using POST method and name parameter.
Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.
Verlihub 1.0.0.0
First stable release in 1.0.0.0 series.Changes in 1.0.0.0
Commit log: https://github.com/verlihub/verlihub/commits/master
File information: Verlihub 1.0.0.0
DCHublist.com
Many of you are probably wondering: What really happened with DCHublist.com and why is it pointing here? Yep, that's right, it's pointing here because I am close friend with people who wrote and managed it during all these years. The time has passed and developers were no longer interested in keeping it, so they left it to me, both source code and domain name. Now dchublist.com is redirecting to our own hublist.By the way, if you are missing something that used to be on DCHublist.com, please send us a feature request either by forum or contact form, I'm sure that your feature will be added, mainly because I'm the developer here.
Oh, also all client side lists that are still present in most DC clients, are still working, with a single redirect though. Complete URL list can be found here.
Have fun using Team Elite Hublist.