Ebay XSS Vulerability
Page 1 of 1
Ebay XSS Vulerability
Ebay sites still vulnerable to cross-site scripting,html injection and redirect
all proof of concept still works fine,so be carefull!
POC:
donations.ebay.com/charity/charity.jsp?NP_ID=40219&name=XSS
worldofgood.ebay.com/Handmade-Jewelry-Earrings-Necklaces-Rings/47/list?XSS
worldofgood.ebay.com/list?HTML Injection
sea.ebay.com/searchAnnoucement.php?time=XSS
applications.ebay.com/selling?EAppsByCategory&sType=2&cId=4&cName=XSS
See also RafalLos article : eBay's Sub-Domains Vulnerable to XSS ...again
all proof of concept still works fine,so be carefull!
POC:
donations.ebay.com/charity/charity.jsp?NP_ID=40219&name=XSS
worldofgood.ebay.com/Handmade-Jewelry-Earrings-Necklaces-Rings/47/list?XSS
worldofgood.ebay.com/list?HTML Injection
sea.ebay.com/searchAnnoucement.php?time=XSS
applications.ebay.com/selling?EAppsByCategory&sType=2&cId=4&cName=XSS
See also RafalLos article : eBay's Sub-Domains Vulnerable to XSS ...again
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum