Wednesday, September 29, 2010

Several Vodafone sites vulnerable to XSS

Several Vodafone sites vulnerable to XSS flaws, could aid phishing attacks

Vodafone.com , Vodafone.ro , Vodafone.com.tr , Vodafone.com.au , Vodafone.es , Vodafone.it , Vodafone.gr , Vodafone.ie , Vodafone.in , Vodafone.de , Vodafone.co.uk

Proof of concept:

https://www.vodafone.ro/mydomain/shop/voda.signup.cgi?pageid=print_moreinfo&id=XSS

http://runners.vodafone.com/wp-content/plugins/post-star-rating/psr-ajax-stars.php?p=XSS

https://wlan.net.vodafone.it/vfile/pwlan/pages/otp/login_partner.jsp?LoginURL=login.linkem.com/sd/login&AccessLocation=isocc=it,cc=39,ac=06,network=linkem&LogoffURL=x&LocationName=XSS

https://club2020.mi.vodafone.es/rascaygana/mailing/mail_alta.php?telefono_encriptado=XSS

http://handyfinder.vodafone.de/application_start.php?RTYPE=XSS

http://portal.vodafone.gr/vodafonenet/register/newRegister/holSSOlogin.jsp?action2=XSS

http://live.vodafone.com.tr/galleryimages/watch.php?url=http://live.vodafone.com.tr/galleryimages/rockncoke/videos/rnc_video_03.flv&keepThis=true&TB_iframe=true&height=XSS

http://vic.vodafone.com.au/coverage/qld.asp?detail=58XSS

http://www.vodafone.ie/search/Search.shtml?site=10_163_142_helpsupport&q=XSS

http://promo.in.vodafone.in/admin/index.php?Page=XSS


And SQL Injection on http://mediacentre.vodafone.co.uk
Poc:

http://mediacentre.vodafone.co.uk/news_view_doc.php?type=press&doc_id=SQL Injection
xss works also!



All proof of concept still works,Be careful !

No comments: