Clario: Cookie injection leads to complete DoS over whole domain *.mackeeper.com. Injection point accountstage.mackeeper.com/

Summary: The cookie bomb works by setting large cookies that are way too big making the server decline any request send with them for having a too long request header. PoC 1. Open below link and click on link https://unequaledfloor.htmlpasta.com/ 2. Now open https://accountstage.mackeeper.com/ or...

Clario: rxss at https://mackeeper.com page not found via rid parameter

Summary Reflected xss at /mk/api/send-event with rid parameter. Vuln endpoint: https://mackeeper.com/mk/api/send-event?rid= payload: alerttest Steps To Reproduce go to https://mackeeper.com/mk/api/send-event?rid=%3C/script%3E%3Cscript%3Ealertdocument.cookie%3C/script%3E payload:...

Clario: Reflected xss on mackeeper.com

Summary https://mackeeper.com is vulnerable to Reflected XSS. Steps to reproduce goto https://mackeeper.com/buynow-webkhaleesio2-ppg?lang=fr&x-prepay=xxxxxxxx'" xss will be triggered...

Clario: Reflected XSS

Summary Unauthenticated Reflected Cross-Site Scripting on https://account.mackeeper.com/signup page Steps To Reproduce XSS via GET Method HTTP Request: GET /signup?trtId=wrtqvetc%22%3E%3Cscript%3Ealert%27xss%27%3C%2fscript%3E&tvrnplhw1=1&vim67=1&gvce1=1 HTTP/1.1 Host: account.mackeeper.com...

mackeeper.com XSS vulnerability

Open Bug Bounty ID: OBB-219464 Description| Value ---|--- Affected Website:| mackeeper.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

mackeeper.com XSS vulnerability

Vulnerable URL: https://mackeeper.com/about Details: Description| Value ---|--- Patched:| Yes, at 18.02.2016 Latest check for patch:| 18.02.2016 08:31 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 816 Google Pagerank| 4 VIP website status:| Yes Check...