
 Critical XSS and directory traversal flaws on Ebay.co.uk website

Written by DP

Friday, 3 April 2009

A security researcher who goes by the nickname "methodman" today reported a few critical security vulnerabilities affecting Ebay.co.uk. He had alerted Ebay staff about the issue earlier, but didn't get any response...

Attackers can inject JavaScript code to redirect users to eBay scam pages (phishing attacks).

For example, this attack vector would work:

<SCRIPT>if (top == window)location.href = 'http://www.xssed.com'</SCRIPT>

Ebay XSS mirror:

http://www.xssed.com/mirror/59358/
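
As an added example (not code from eBay or from the original report), the sketch below shows why the payload above runs when a request parameter is echoed unencoded, and how encoding at output time renders it inert. The page template, the function names and the constructed sample value are assumptions.

```javascript
// Added example: hypothetical page template, not eBay's code.
// Payload as quoted in the article.
const PAYLOAD = "<SCRIPT>if (top == window)location.href = 'http://www.xssed.com'</SCRIPT>";

// Encode the characters that can change the HTML parsing context.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Before: the parameter is concatenated into attribute and body contexts as-is.
function renderVulnerable(q) {
  return `<input name="q" value="${q}"><p>Results for ${q}</p>`;
}

// After: the same template, with the value encoded at output time.
function renderHardened(q) {
  const safe = escapeHtml(q);
  return `<input name="q" value="${safe}"><p>Results for ${safe}</p>`;
}

// Defence in depth: a policy without 'unsafe-inline' stops inline script
// from running even if one output point is missed.
function securityHeaders() {
  return { "Content-Security-Policy": "default-src 'self'; script-src 'self'" };
}

// Crude regression check for tests: does a live <script> tag survive in the markup?
function hasScriptElement(html) {
  return /<script\b/i.test(html);
}

// Constructed sample value containing a double quote (attribute context).
const QUOTED = 'say "hi"';

console.log("vulnerable keeps script tag:", hasScriptElement(renderVulnerable(PAYLOAD)));
console.log("hardened keeps script tag:  ", hasScriptElement(renderHardened(PAYLOAD)));
console.log(renderHardened(QUOTED));
console.log(securityHeaders());
```

The encoded payload is displayed to the user as text instead of being parsed as a script element, so the redirect never fires.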

Also, due to insufficient validation / sanitization of user-supplied input, an attacker can exploit a directory traversal vulnerability to execute arbitrary commands (see screenshots 1 & 2 of the directory traversal bugs).

#1 Screenshot of the Ebay XSS flaw:


 

#2 Screenshot of the Ebay XSS flaw:

 



#1 Screenshot of the Ebay directory traversal flaw:

 

 

#2 Screenshot of the Ebay directory traversal flaw:

 

Thanks to methodman for reporting these critical security issues!!! We hope that Ebay fixes them quickly!

