Looking for iFrame redirect destination: htxp://websolutionspk.com/referer.php?id={23F6CF79-9C78-4819-9C1E-B92FC3FFA15E}
I get a HTTP Status Code: 404 Not Found
Bad web rep: http://www.mywot.com/en/scorecard/websolutionspk.com?utm_source=addon&utm_content=popup-donuts
This was alerted for earlier on that IP: ETPRO ACTIVEX Yahoo Messenger ActiveX Control Command Execution and Detected a TDS URL pattern

polonus

What about this one? Nothing found here: http://zulu.zscaler.com/submission/show/3c38481024e442e5dbdf2ee442193623-1365944365
Malicious redirect flagged here: http://evuln.com/tools/malware-scanner/saintstephenlutheranchurch.net/
and here: http://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Fwww.saintstephenlutheranchurch.net%2F&ref_sel=Google&ua_sel=ff
Also read: https://www.elance.com/j/clicking-site-search-results-takes-hacker-re-direct-page/29292250/
I get a 11004 [11004] Valid name, no data record (check DNS setup) for the redirect…
Site has been taken down…http://productforums.google.com/forum/?escaped_fragment=topic/websearch/qDHFPybd-ZQ#!topic/websearch/qDHFPybd-ZQ
About the attack: http://www.coresecurity.com/content/e107-cms-script-command-injection (see link content credits below)

Credits

This vulnerability was discovered and researched by Matt Bergin and Matias Blanco.
The publication of this advisory was coordinated by Fernando Russ.

polonus