Showing posts with label Government. Show all posts
Showing posts with label Government. Show all posts

Wednesday, August 26, 2009

Whitehouse.gov - One for the "lulz"

#########################
# Website: www.whitehouse.gov
# Date: 27.08.09
# Bug: Cross Site Scripting (XSS)
########################

Vuln URL: hxxp://www.whitehouse.gov

Click here for the demo

LOL ! Please put some of your resources to work ;)

Cheers,
Kish !
Posted by at No comments:
Labels: , , , , , , , , , , , , ,

Friday, March 27, 2009

XSS in NSA's website

################################
# Website: http://www.nsa.gov
# National "Security" Agency - oh really ?!
# Bug: XSS
# Date: 27.03.09
##############################


Vuln URL: hxxp://www.nsa.gov

Click for the XSS demo

Fix input validation in your page... Please be true to your THREE Letter acronym ;)

Cheers :)
Kish
Posted by at No comments:
Labels: , , , , , , , , , , , , ,

Tuesday, February 10, 2009

Fresh stock: XSS in NASA

###############################
# Website: http://www.nasa.gov
# Open source & NASA
# Bug: XSS
# Date: 10.02.09
#############################



Vulnerable URL: hxxp://opensource.gsfc.nasa.gov/feedback.php
Post based XSS: any field

Click here for POST request

Fix input validation in all the fields...

Cheers,
Kish
Posted by at No comments:
Labels: , , , , , , , , , ,

Sunday, December 21, 2008

West Bengal Web Coding Standards (WBWCS) !


###################################
# Website: http://www.wbhealth.gov.in
# Bug: XSS
# Date: 22.12.08
##################################

Vulnerable URL: hxxp://www.wbhealth.gov.in (Site-Search feature)
Pages: site_search.asp, and site_search_result.asp

Text book style XSS for you ladies and gentlemen

Courtesy: Hash Technologies presents West Bengal Web Coding Standards (WBWCS) !

Fix input validation in the search box for god's sake before people ruin the website.

Cheers :)
Kish
Posted by at No comments:
Labels: , , , , , , , ,
Subscribe to: Posts (Atom)