Thursday, June 25, 2009

Electronic Arts - XSS vulnerability

#########################
# Website: www.ea.com
# Date: 25.06.09
# Bug: XSS
########################

Vuln URL: hxxp://www.ea.com



Click here for the demo

FIFA 09 and the online game play rocks, but your website?... not really! pffft...

Cheers :)
Kish

Friday, May 29, 2009

XSS in Blogarama

#########################
# Website: www.blogarama.com
# Date: 29.05.09
# Bug: XSS
########################

Vuln URL: hxxp://www.blogarama.com


Click here for the demo

Fix input validation in your website...

Cheers :)
Kish

Sunday, May 17, 2009

XSS in Adobe's Store

#############################
# Website: www.adobe.com
# Date: 17.05.09
# Bug: XSS
############################

Vuln URL: hxxps://store3.adobe.com


Click here to see the demo

Fix your input validation, and make shopping with Adobe a good memory for the customer.

Cheers :)
Kish

Sunday, May 3, 2009

HTML Injection in ZDNET

############################
# Website: http://blogs.zdnet.com
# "Say hello to the experts"
# Bug: HTML Injection, XSS
# Date: 03.05.09
############################

Vuln URL: hxxp://blogs.zdnet.com


Click here to see the demo

Please advise people about web-application vulnerabilities after you've fixed them! *coughs*

Talking about input validation, their email form is a bad example... and can I use it to send my friend an email? You bet... it's a free email spoofing service, courtesy of ZDNet ;))

Cheers,
Kish

Wednesday, April 29, 2009

SQLi and XSS vulnerabilities in IPL website

###################################
# Website: www.iplt20.com
# (includes spoils from pulselive.com)
# Bug: XSS, and SQLi
# IPL T20 - Indian (or is it English) Premier League
# Date: 29.04.09
###################################

Vuln URL: hxxp://www.iplt20.com



Click here for SQLi demo

There were also 26 injectable spots other than this, and there's XSS in URI, Path, and Forms. Can't post too many screenshots... you see ;)

What's more, you can insert, update, and delete tables in their DB :))

Happy hunting, Cheers!

Saturday, April 25, 2009

XSS in Imageshack

################################
# Website: http://www.imageshack.us
# Bug: XSS
# Date: 25.04.09
##############################



Vuln URL: hxxp://www.imageshack.us

Click here for XSS demo

Fix your input validation.

Cheers,
Kish

Friday, March 27, 2009

XSS in NSA's website

################################
# Website: http://www.nsa.gov
# National "Security" Agency - oh really?!
# Bug: XSS
# Date: 27.03.09
##############################


Vuln URL: hxxp://www.nsa.gov

Click for the XSS demo

Fix input validation in your page... Please be true to your THREE-letter acronym ;)

Cheers :)
Kish