Full Disclosure mailing list archives
Cross Site Scripting (XSS) Vulnerability in ibibo
From: rockey killer <skg102 () gmail com>
Date: Wed, 3 Feb 2010 01:40:22 +0530
Cross Site Scripting (XSS) Vulnerability in ibibo In search fields of cityads.ibibo.com ibibo.com is India’s first entertainment and talent based social network. It gives the youth of India a unique platform to showcase their talent, express themselves, create their own social network, audience and fan club and hence get recognition. Vulnerability Non-Persistent Cross site scripting (XSS) vulnerability is found in cityads.ibibo.com Disclosure Timeline Reported: Tue, Jan 19, 2010 at 5:23 PM Fixed: -------------- Credits H4CK3R Crew http://h4ck3r.in POC URL http://cityads.ibibo.com/search_result.php?cate_id=&q=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&searchFrom=search_bar -- Rockey Killer It's all about Hacking and Security http://h4ck3r.in/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Cross Site Scripting (XSS) Vulnerability in ibibo rockey killer (Feb 02)
- Re: Cross Site Scripting (XSS) Vulnerability in ibibo Benji (Feb 02)