Hi malware fighters,
It is rewarding to scan your website against possible XSS holes - so here I found that there were holes here when scanned with : http://xss-scanner.com/index.php? The examples are just imaginary…
url=http%3A%2F scanned site ^^^%2Fsave%2Fsave.asp%3Faction%3Dchklogin%26nocode%3Dtrue%26pageid%3Dbuygwxt%3Fismember%3D%26ismember%3D%26usercard%3D%26userpassword%3D&method=POST
and here:
url=http%3A%2F%2F0^^^scanned site %2Fsave%2Fsave.asp%3Faction%3Dordersave%3Fname%3D%26sex%3D%26sex%3D%26address%3D%26zipcode%3D%26tel1%3D%26tel2%3D%26tel3%3D%26mobile%3D%26email%3D%26QQ%3D%26xtid%3D%26xttypes%3D&method=POST
Now we could give this in to Intellitamper to probe, mind that this could tool be flagged by some scanners as a PUP (McAfee for instance), but is a very good exploration tool - http://download.softpedia.com/dl/bc6110726b35185e5fd662dc494ccdfa/4c3b69c1/100037377/software/internet/intellitamper_v2.07.exe
(Use it in a VM to prevent spills and bug abuse)
Good to find out what is really behind that website of yours,
polonus