Professional Webmasters Community
Would you like to react to this message? Create an account in a few clicks or log in to continue.
Professional Webmasters Community

your are free to explore your reviews, thoughts, suggestion and guidelines on every online tech talk.


Ebay XSS Vulerability

Professional Webmasters Community :: Webmaster Speak :: Tech Talk

Go down

Ebay XSS Vulerability Empty Ebay XSS Vulerability

Post  andry Fri Nov 19, 2010 12:48 am

Ebay sites still vulnerable to cross-site scripting,html injection and redirect

all proof of concept still works fine,so be carefull!



POC:

donations.ebay.com/charity/charity.jsp?NP_ID=40219&name=XSS

worldofgood.ebay.com/Handmade-Jewelry-Earrings-Necklaces-Rings/47/list?XSS

worldofgood.ebay.com/list?HTML Injection

sea.ebay.com/searchAnnoucement.php?time=XSS

applications.ebay.com/selling?EAppsByCategory&sType=2&cId=4&cName=XSS



See also RafalLos article : eBay's Sub-Domains Vulnerable to XSS ...again
andry
andry
Moderator
Moderator

Posts : 467
Join date : 2010-05-07

Back to top Go down

Back to top

- Similar topics

Professional Webmasters Community :: Webmaster Speak :: Tech Talk

 
Permissions in this forum:
You cannot reply to topics in this forum