1. "Spartan - vulnerable (Windows 10)" http://www.deusen.co.uk/items/insider3show.3362009741042107/SpartanWin10_screenshot.png Thanks to Zaakiy Siddiqui!
2.
<?php
sleep(2);
header("Location: http://www.dailymail.co.uk/robots.txt";);
?>
Many asked for it.
3.
It's Universal XSS, as we tested:
Not only dailymail.co.uk - also Yahoo etc
Not only injecting content - also getting private info etc.
Kind Regards,
