Ok, I did contact the owner, before I publish this, but
he seems to does not care, or thinks I am
bullshitting, so here we go:
The web-site is Vulnerable to:
- Cross site scripting attack
- jQuery cross site scripting
(Both are very similar actually)
Cross site scriptingMalicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify the content of the page presented to the user.
Want to test yourself?1) Open recovery link:
https://medieval-empires.online/recovery2) Enter:
"()&%3) Press the button "Recover".
This way a hacker can even steal your sessions, and login to your account.