MOSEB-25: Vulnerabilities at dmoz.org

19:42 25.06.2007

Next participant of the project is DMOZ (Open Directory Project). It is one of the most popular catalogs in the world and search engines like to use data from it (particularly for making their own catalogs).

The vulnerabilities are at DMOZ (dmoz.org) in Editor Application form. These Cross-Site Scripting holes I found 25.05.2007.

XSS:

The vulnerabilities are in where, id, lk and loc parameters:
http://dmoz.org/cgi-bin/apply.cgi?where=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

Also page with html injection hole has PR7. It is a dream for black seo guys :-) (and I made this dream come true). Guys don’t forget to send me thanks.

Moral: sending forms to catalog vendor can be risky.

Note, that DMOZ belongs to Netscape. So Netscape (and AOL) also responsible for these vulnerabilities.

P.S.

I prepared another hole at DMOZ. So wait for today’s bonus post ;-) .


2 відповідей на “MOSEB-25: Vulnerabilities at dmoz.org”

  1. Nick каже:

    Hi mate! Awsome stuff here.
    How do you actually use it? Should I just replace your url with my own?
    http://dmoz.org/cgi-bin/apply.cgi?loc=%22%3E%3Ca%20href%3Dhttp://myurl.com%3EWebsecurity%3C/a%3E
    and enter. Is this that simple?!
    Thanks!

  2. MustLive каже:

    Nick

    You are welcome.

    Man, yes just replace my url with your own (any url which you want to use) in case of redirector and html injection variations of these 4 holes. It is really simple to use it (much harder to find the holes). And there is another vuln with PR7 at search.lycos.com. It’s a power of dark side 8-) .

    But I suggest you to be on the white side.

Leave a Reply

You must be logged in to post a comment.