Full Disclosure mailing list archives
Mobilkom Austria XSSes
From: bosti.be () hush com
Date: Tue, 12 Jul 2011 12:39:21 +0200
G'Day Ladies and Gents,

it has already been over 3 weeks now since they've told me they're going to fix these flaws, as soon as they've resolved more important tasks... I think they had enough time, so here is my first disclosure.

Just a little, not that important non-persistent XSS. Cookie hijacking possible:
http://www.a1.net/forum/?module=mkaSearch&action=search&wo=-1&search_eforum=<img src=http://wtfhub.com/wp-content/uploads/2010/12/y-u-no-template1.jpg>

===========================

It gets funnier. They even DO allow HTML in a posting or thread.
http://www.a1.net/forum/mkaPosts/insert/2207.page
Proof: http://i.imgur.com/0h5IM.jpg

===========================

As you can see in the Screenshot, they even allow HTML in your Signature.

And yet another non-persistent XSS (search form), Cookie hijacking possible:
http://www.a1.net/musikfreizeichen/index.htm?action=browseSearchResult&exact=false&searchString=<script>alert("wat")</script>

===========================

some fun: http://i.imgur.com/1F141.png
and even more: http://i.imgur.com/GMqcm.png

First disclosure, keep that in mind. Now let's hope they fix the flaws soon. And btw, I also know they're not critical, so don't bitch about it.

Greets,
HypoX

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
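The two search-form issues in the post are the classic reflected XSS pattern: a query parameter is written back into the HTML body without encoding. The following is an added example, not code from the post or from the site operator, showing the unsafe concatenation next to the hardened version (HTML-entity encoding for the body context) and a session-cookie header that limits the "cookie hijacking" impact the post mentions. The URLs, parameter handling and cookie name are constructed for the example; the real site's backend is unknown.

```python
"""Reflected search term: unsafe rendering beside the hardened form.

Added example for this disclosure, not the site's code. The query
strings below are constructed to mirror the shape of the two URLs in the
post, with placeholder hosts (example.invalid).
"""
from html import escape
from urllib.parse import parse_qs, urlsplit

# Constructed sample URLs (placeholders, not the live site).
SAMPLE_URLS = [
    "http://example.invalid/forum/?module=mkaSearch&action=search&wo=-1"
    "&search_eforum=<img src=http://example.invalid/y-u-no.jpg>",
    "http://example.invalid/musikfreizeichen/index.htm?action=browseSearchResult"
    '&exact=false&searchString=<script>alert("wat")</script>',
]


def search_term(url: str, param: str) -> str:
    """Extract one query parameter the way a search handler would."""
    query = parse_qs(urlsplit(url).query)
    return query.get(param, [""])[0]


def encode_for_html_body(term: str) -> str:
    """Entity-encode for the HTML body context: & < > " ' become entities.

    This is the fix for the reflected cases in the post, where the term
    is displayed as text and no markup is ever intended.
    """
    return escape(term, quote=True)


def render_unsafe(term: str) -> str:
    """The defect: raw user input concatenated into markup."""
    return f"<p>Results for: {term}</p>"


def render_safe(term: str) -> str:
    """The hardened handler: the term can no longer open or close a tag."""
    return f"<p>Results for: {encode_for_html_body(term)}</p>"


def term_is_inert(encoded_term: str) -> bool:
    """True when the encoded term contains no tag delimiters at all."""
    return "<" not in encoded_term and ">" not in encoded_term


def session_cookie_header(name: str, value: str) -> str:
    """Set-Cookie line for a session cookie.

    HttpOnly keeps document.cookie from exposing the value to page scripts,
    which blunts cookie theft via XSS even if an encoding bug slips
    through; Secure and SameSite are standard companions. Cookie name and
    value are assumptions for the example.
    """
    return f"Set-Cookie: {name}={value}; HttpOnly; Secure; SameSite=Lax; Path=/"


if __name__ == "__main__":
    for url, param in zip(SAMPLE_URLS, ("search_eforum", "searchString")):
        term = search_term(url, param)
        print("unsafe:", render_unsafe(term))
        print("safe:  ", render_safe(term))
    print(session_cookie_header("SESSIONID", "placeholder-value"))
```

Entity encoding is the right fix only where, as in the two search forms, the value is meant to be displayed as text. The post/thread and signature cases are different: there the site deliberately accepts HTML, so the control is an allowlist sanitizer (permitted tags and attributes only) applied before storage or rendering, not blanket escaping.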