I found that specified Exploit Title: Domain Lookup Script 3.0.5- Stored XSS via Search by Whois. To exploit this vulnerability, the following steps were taken.
1.Go to the site ( http://under24usd.com/demo/whois/ ) .
2-Goto Homepage => Search by Whois and paste this code in
Type Your Keyword => <*IMG"""><*SCRIPT>alert(“SARAFRAZ KHAN”)“>and then click on Search.
3-Now You will having popup of /SARAFRAZ KHAN/ in the page..
Note=> Please Remove * from the Code