Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Amazon and Msn vulnerabilities

From: dcrab () hackerscenter com
Date: 23 Jun 2006 14:18:44 -0000
For the complete article read, http://blogs.hackerscenter.com/dcrab/?p=19

Amazon.com: One of the largest e-commerce websites in the world. It is vulnerable to CR LF injection vulnerabilities, 
that allow an exploitable XSS situation to exist

Screenshot:

http://blogs.hackerscenter.com/dcrab/amazon.jpg

Msn: I have worked with microsoft on several occassions and found it a huge drag to work with thier slow security 
response center. I found about 4 - 5 vulnerabilities on various websites in the microsoft network, and reported them in 
to the Microsoft Security Center. ItÂ’s been almost a year since, and 2 of them are fixed, The others still exist. These 
are completely exploitable as XSS vulnerabilities too.

Screenshot:

http://blogs.hackerscenter.com/dcrab/msn.jpg
Previous By Date Next
Previous By Thread Next

Current thread: