quickcart.com, XSS, CWE-79, CAPEC-86, Cross Site Scripting, DORK, Unforgivable Vulnerabilities

HTTP header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response.

Various kinds of attack can be delivered via HTTP header injection vulnerabilities. Any attack that can be delivered via cross-site scripting can usually be delivered via header injection, because the attacker can construct a request which causes arbitrary JavaScript to appear within the response body. Further, it is sometimes possible to leverage header injection vulnerabilities to poison the cache of any proxy server via which users access the application. Here, an attacker sends a crafted request which results in a "split" response containing arbitrary content. If the proxy server can be manipulated to associate the injected response with another URL used within the application, then the attacker can perform a "stored" attack against this URL which will compromise other users who request that URL in future.

Issue remediation

If possible, applications should avoid copying user-controllable data into HTTP response headers. If this is unavoidable, then the data should be strictly validated to prevent header injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into headers, and any other input should be rejected. At a minimum, input containing any characters with ASCII codes less than 0x20 should be rejected.

1.1. https://fastdial.net/images/rsscategory.sc [REST URL parameter 1] next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7f576%0d%0a4fe12b45227 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7f576%0d%0a4fe12b45227/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:53:34 GMT
Server: Apache
Location: http://fastdial.net/7f576
4fe12b45227/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2. https://fastdial.net/static/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e1ce0%0d%0afe8ef4b0723 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e1ce0%0d%0afe8ef4b0723/images/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:50:28 GMT
Server: Apache
Location: http://fastdial.net/e1ce0
fe8ef4b0723/images/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.3. https://fastdial.net/static/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 39d71%0d%0aa804ef85baf was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/39d71%0d%0aa804ef85baf/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:50:42 GMT
Server: Apache
Location: http://fastdial.net/static/39d71
a804ef85baf/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.4. https://fastdial.net/static/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 66099%0d%0ad5a2821289b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/66099%0d%0ad5a2821289b/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:50:54 GMT
Server: Apache
Location: http://fastdial.net/static/images/66099
d5a2821289b/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.5. https://fastdial.net/static/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6beac%0d%0ab5734230bef was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/6beac%0d%0ab5734230bef/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:11 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/6beac
b5734230bef/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.6. https://fastdial.net/static/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 34b17%0d%0af35574e0fc4 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/34b17%0d%0af35574e0fc4/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:24 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/34b17
f35574e0fc4/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.7. https://fastdial.net/static/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b74ef%0d%0a58fa0f181ef was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/common/b74ef%0d%0a58fa0f181ef/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:38 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/common/b74ef
58fa0f181ef/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.8. https://fastdial.net/static/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload e7c37%0d%0abbc8a889ed6 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/common/images/e7c37%0d%0abbc8a889ed6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:50 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/common/images/e7c37
bbc8a889ed6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.9. https://fastdial.net/static/images/common/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload d2cfc%0d%0ad20898ac629 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /d2cfc%0d%0ad20898ac629/images/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:50:38 GMT
Server: Apache
Location: http://fastdial.net/d2cfc
d20898ac629/images/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.10. https://fastdial.net/static/images/common/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 223d6%0d%0ab15776fcf73 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/223d6%0d%0ab15776fcf73/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:50:49 GMT
Server: Apache
Location: http://fastdial.net/static/223d6
b15776fcf73/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.11. https://fastdial.net/static/images/common/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 245c9%0d%0acc14b45adcb was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/245c9%0d%0acc14b45adcb/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:04 GMT
Server: Apache
Location: http://fastdial.net/static/images/245c9
cc14b45adcb/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.12. https://fastdial.net/static/images/common/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f9188%0d%0a11ebc15cdfa was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/f9188%0d%0a11ebc15cdfa/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:17 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/f9188
11ebc15cdfa/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.13. https://fastdial.net/static/images/common/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5f36a%0d%0aab1482dc121 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/5f36a%0d%0aab1482dc121/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:34 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/5f36a
ab1482dc121/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.14. https://fastdial.net/static/images/common/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b0eb3%0d%0ae0b3f170d90 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/common/b0eb3%0d%0ae0b3f170d90/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:49 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/common/b0eb3
e0b3f170d90/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.15. https://fastdial.net/static/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 4ab9d%0d%0a529618aa604 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /4ab9d%0d%0a529618aa604/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:53:31 GMT
Server: Apache
Location: http://fastdial.net/4ab9d
529618aa604/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.16. https://fastdial.net/static/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d8005%0d%0a734a80c1657 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d8005%0d%0a734a80c1657/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:53:49 GMT
Server: Apache
Location: http://fastdial.net/static/d8005
734a80c1657/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.17. https://fastdial.net/static/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 296eb%0d%0a57bba17e29c was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/296eb%0d%0a57bba17e29c/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:54:00 GMT
Server: Apache
Location: http://fastdial.net/static/images/296eb
57bba17e29c/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.18. https://fastdial.net/static/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9b0da%0d%0a7d300a480ff was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/9b0da%0d%0a7d300a480ff/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:54:15 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/9b0da
7d300a480ff/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.19. https://fastdial.net/static/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e2497%0d%0a32038923bb6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/e2497%0d%0a32038923bb6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:54:40 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/e2497
32038923bb6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.20. https://fastdial.net/static/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 148ec%0d%0a4a9ca943c5f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /148ec%0d%0a4a9ca943c5f/images/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:49:48 GMT
Server: Apache
Location: http://fastdial.net/148ec
4a9ca943c5f/images/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.21. https://fastdial.net/static/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 13c4c%0d%0a438c4c6035b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/13c4c%0d%0a438c4c6035b/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:49:59 GMT
Server: Apache
Location: http://fastdial.net/static/13c4c
438c4c6035b/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.22. https://fastdial.net/static/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bb684%0d%0ae6968e5e61d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/bb684%0d%0ae6968e5e61d/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:50:17 GMT
Server: Apache
Location: http://fastdial.net/static/images/bb684
e6968e5e61d/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.23. https://fastdial.net/static/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 57efa%0d%0adb5436924b3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/57efa%0d%0adb5436924b3/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:50:31 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/57efa
db5436924b3/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.24. https://fastdial.net/static/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b6ef3%0d%0adbfe0b0bf22 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/b6ef3%0d%0adbfe0b0bf22/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:50:42 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/b6ef3
dbfe0b0bf22/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.25. https://fastdial.net/static/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 94cc5%0d%0ab22e7f7a6e7 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/common/94cc5%0d%0ab22e7f7a6e7/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:00 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/common/94cc5
b22e7f7a6e7/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.26. https://fastdial.net/static/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9438f%0d%0a7683117c848 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9438f%0d%0a7683117c848/images/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:48:02 GMT
Server: Apache
Location: http://fastdial.net/9438f
7683117c848/images/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.27. https://fastdial.net/static/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 20f1d%0d%0a28337630e9d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/20f1d%0d%0a28337630e9d/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:48:14 GMT
Server: Apache
Location: http://fastdial.net/static/20f1d
28337630e9d/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.28. https://fastdial.net/static/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b2b2f%0d%0add341eec25e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/b2b2f%0d%0add341eec25e/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:48:32 GMT
Server: Apache
Location: http://fastdial.net/static/images/b2b2f
dd341eec25e/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.29. https://fastdial.net/static/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8f5ab%0d%0a1bf37a5abfd was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/8f5ab%0d%0a1bf37a5abfd/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:48:47 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/8f5ab
1bf37a5abfd/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.30. https://fastdial.net/static/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 210fb%0d%0adc69c9c8861 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/210fb%0d%0adc69c9c8861/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:49:00 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/210fb
dc69c9c8861/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.31. https://fastdial.net/static/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b9ec1%0d%0a53ca0dbc60b was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/common/b9ec1%0d%0a53ca0dbc60b/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:49:17 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/common/b9ec1
53ca0dbc60b/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.32. https://fastdial.net/static/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 1f6b3%0d%0a51384ddd502 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/common/styles/1f6b3%0d%0a51384ddd502/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:49:31 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/common/styles/1f6b3
51384ddd502/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.33. https://fastdial.net/static/images/common/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 56c5a%0d%0af96f86e923b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /56c5a%0d%0af96f86e923b/images/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:48:58 GMT
Server: Apache
Location: http://fastdial.net/56c5a
f96f86e923b/images/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.34. https://fastdial.net/static/images/common/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 9ee54%0d%0a3898d682a88 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/9ee54%0d%0a3898d682a88/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:49:10 GMT
Server: Apache
Location: http://fastdial.net/static/9ee54
3898d682a88/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.35. https://fastdial.net/static/images/common/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 407c0%0d%0a63c430c82d9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/407c0%0d%0a63c430c82d9/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:49:27 GMT
Server: Apache
Location: http://fastdial.net/static/images/407c0
63c430c82d9/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.36. https://fastdial.net/static/images/common/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b890d%0d%0af65beb69505 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/b890d%0d%0af65beb69505/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:49:39 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/b890d
f65beb69505/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.37. https://fastdial.net/static/images/common/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5bd57%0d%0a99c3e5d7497 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/5bd57%0d%0a99c3e5d7497/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:49:59 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/5bd57
99c3e5d7497/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.38. https://fastdial.net/static/images/common/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 2cf98%0d%0ab3f89a0be89 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/common/2cf98%0d%0ab3f89a0be89/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:50:17 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/common/2cf98
b3f89a0be89/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.39. https://fastdial.net/static/images/common/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 82f8f%0d%0a653695efff1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /82f8f%0d%0a653695efff1/images/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:53:09 GMT
Server: Apache
Location: http://fastdial.net/82f8f
653695efff1/images/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.40. https://fastdial.net/static/images/common/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8b47e%0d%0a644c32e53e0 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8b47e%0d%0a644c32e53e0/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:53:20 GMT
Server: Apache
Location: http://fastdial.net/static/8b47e
644c32e53e0/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.41. https://fastdial.net/static/images/common/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e9669%0d%0af93c7b0db8f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/e9669%0d%0af93c7b0db8f/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:19 GMT
Server: Apache
Location: http://fastdial.net/static/images/e9669
f93c7b0db8f/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.42. https://fastdial.net/static/images/common/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6cd23%0d%0afd97a81be was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/6cd23%0d%0afd97a81be/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:34 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/6cd23
fd97a81be/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.43. https://fastdial.net/static/images/common/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 91451%0d%0acec409669a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/91451%0d%0acec409669a/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:47 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/91451
cec409669a/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.44. https://fastdial.net/static/images/common/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1213b%0d%0a7fcaf19985 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/images/1213b%0d%0a7fcaf19985/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:55:04 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/images/1213b
7fcaf19985/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.45. https://fastdial.net/static/images/common/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload accdc%0d%0a4faed3d4dda was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /accdc%0d%0a4faed3d4dda/images/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:53:35 GMT
Server: Apache
Location: http://fastdial.net/accdc
4faed3d4dda/images/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.46. https://fastdial.net/static/images/common/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7af50%0d%0a4a82c80d0b0 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7af50%0d%0a4a82c80d0b0/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:21 GMT
Server: Apache
Location: http://fastdial.net/static/7af50
4a82c80d0b0/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.47. https://fastdial.net/static/images/common/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 822d6%0d%0a5ad6a39ca1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/822d6%0d%0a5ad6a39ca1/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:35 GMT
Server: Apache
Location: http://fastdial.net/static/images/822d6
5ad6a39ca1/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.48. https://fastdial.net/static/images/common/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c2778%0d%0a02e59f9c8a5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/c2778%0d%0a02e59f9c8a5/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:48 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/c2778
02e59f9c8a5/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.49. https://fastdial.net/static/images/common/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 77a46%0d%0ae54ca6df6dc was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/77a46%0d%0ae54ca6df6dc/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:55:02 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/77a46
e54ca6df6dc/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.50. https://fastdial.net/static/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3f04b%0d%0aee3080ec05b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3f04b%0d%0aee3080ec05b/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:53:41 GMT
Server: Apache
Location: http://fastdial.net/3f04b
ee3080ec05b/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.51. https://fastdial.net/static/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 56895%0d%0af94c3baeeaf was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/56895%0d%0af94c3baeeaf/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:53:56 GMT
Server: Apache
Location: http://fastdial.net/static/56895
f94c3baeeaf/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.52. https://fastdial.net/static/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 258fc%0d%0afc870fd0166 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/258fc%0d%0afc870fd0166/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:54:07 GMT
Server: Apache
Location: http://fastdial.net/static/images/258fc
fc870fd0166/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.53. https://fastdial.net/static/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 84c78%0d%0adc7972e1fad was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/84c78%0d%0adc7972e1fad/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:54:27 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/84c78
dc7972e1fad/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.54. https://fastdial.net/static/images/common/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 70666%0d%0a6da77c3160 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /70666%0d%0a6da77c3160/images/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:52:58 GMT
Server: Apache
Location: http://fastdial.net/70666
6da77c3160/images/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.55. https://fastdial.net/static/images/common/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4c7c4%0d%0a26cd100368a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4c7c4%0d%0a26cd100368a/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:53:28 GMT
Server: Apache
Location: http://fastdial.net/static/4c7c4
26cd100368a/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.56. https://fastdial.net/static/images/common/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload dae23%0d%0a390bd75be87 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/dae23%0d%0a390bd75be87/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:22 GMT
Server: Apache
Location: http://fastdial.net/static/images/dae23
390bd75be87/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.57. https://fastdial.net/static/images/common/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 23b15%0d%0a768c48febe1 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/23b15%0d%0a768c48febe1/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:35 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/23b15
768c48febe1/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.58. https://fastdial.net/static/images/common/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ec06b%0d%0a799ef274a48 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/ec06b%0d%0a799ef274a48/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:49 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/ec06b
799ef274a48/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.59. https://fastdial.net/static/images/common/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 214c5%0d%0a6d7458fcd93 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /214c5%0d%0a6d7458fcd93/images/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:14 GMT
Server: Apache
Location: http://fastdial.net/214c5
6d7458fcd93/images/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.60. https://fastdial.net/static/images/common/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c2736%0d%0a8398a77bd07 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c2736%0d%0a8398a77bd07/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:32 GMT
Server: Apache
Location: http://fastdial.net/static/c2736
8398a77bd07/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.61. https://fastdial.net/static/images/common/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 3f763%0d%0a48a9b168cc4 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/3f763%0d%0a48a9b168cc4/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:46 GMT
Server: Apache
Location: http://fastdial.net/static/images/3f763
48a9b168cc4/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.62. https://fastdial.net/static/images/common/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 35e26%0d%0ad0f01da64bf was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/35e26%0d%0ad0f01da64bf/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:51:57 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/35e26
d0f01da64bf/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.63. https://fastdial.net/static/images/common/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ebbf0%0d%0afe2fffbee9f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/ebbf0%0d%0afe2fffbee9f/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:52:12 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/ebbf0
fe2fffbee9f/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.64. https://fastdial.net/static/images/common/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 27bcc%0d%0a6fba0ba1bd4 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/styles/27bcc%0d%0a6fba0ba1bd4/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:52:29 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/styles/27bcc
6fba0ba1bd4/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.65. https://fastdial.net/static/images/common/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2e958%0d%0ab0819bb287f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2e958%0d%0ab0819bb287f/images/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:52:09 GMT
Server: Apache
Location: http://fastdial.net/2e958
b0819bb287f/images/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.66. https://fastdial.net/static/images/common/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e97af%0d%0a9e1331709da was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e97af%0d%0a9e1331709da/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:52:24 GMT
Server: Apache
Location: http://fastdial.net/static/e97af
9e1331709da/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.67. https://fastdial.net/static/images/common/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 448ec%0d%0afac944faf3d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/448ec%0d%0afac944faf3d/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:52:41 GMT
Server: Apache
Location: http://fastdial.net/static/images/448ec
fac944faf3d/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.68. https://fastdial.net/static/images/common/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 55fe5%0d%0a1b10539227d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/55fe5%0d%0a1b10539227d/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:52:55 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/55fe5
1b10539227d/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.69. https://fastdial.net/static/images/common/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f2991%0d%0a52e60eae5ab was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/images/f2991%0d%0a52e60eae5ab/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:53:06 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/images/f2991
52e60eae5ab/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.70. https://fastdial.net/static/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a6438%0d%0ab29912a7bf7 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a6438%0d%0ab29912a7bf7/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:52:58 GMT
Server: Apache
Location: http://fastdial.net/a6438
b29912a7bf7/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.71. https://fastdial.net/static/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f47e2%0d%0a6362caef384 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f47e2%0d%0a6362caef384/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:53:13 GMT
Server: Apache
Location: http://fastdial.net/static/f47e2
6362caef384/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.72. https://fastdial.net/static/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ea655%0d%0aa258ac4341d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/ea655%0d%0aa258ac4341d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:53:29 GMT
Server: Apache
Location: http://fastdial.net/static/images/ea655
a258ac4341d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.73. https://fastdial.net/static/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ac1a0%0d%0af1a98ed00f8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ac1a0%0d%0af1a98ed00f8/images/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:36 GMT
Server: Apache
Location: http://fastdial.net/ac1a0
f1a98ed00f8/images/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.74. https://fastdial.net/static/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 12ce8%0d%0aa58894ca991 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/12ce8%0d%0aa58894ca991/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:47:53 GMT
Server: Apache
Location: http://fastdial.net/static/12ce8
a58894ca991/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.75. https://fastdial.net/static/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a54d6%0d%0a1f07e84d25 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/a54d6%0d%0a1f07e84d25/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:48:08 GMT
Server: Apache
Location: http://fastdial.net/static/images/a54d6
1f07e84d25/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.76. https://fastdial.net/static/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 3e67c%0d%0a22f4c103a11 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/3e67c%0d%0a22f4c103a11/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:48:23 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/3e67c
22f4c103a11/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.77. https://fastdial.net/static/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 38cb8%0d%0a76c6d1b5de6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/scripts/38cb8%0d%0a76c6d1b5de6/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:48:34 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/scripts/38cb8
76c6d1b5de6/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.78. https://fastdial.net/static/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 9b0e6%0d%0a39272b3c51f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/scripts/images/9b0e6%0d%0a39272b3c51f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:48:54 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/scripts/images/9b0e6
39272b3c51f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.79. https://fastdial.net/static/images/common/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 70310%0d%0a65ef1dca2da was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /70310%0d%0a65ef1dca2da/images/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:57 GMT
Server: Apache
Location: http://fastdial.net/70310
65ef1dca2da/images/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.80. https://fastdial.net/static/images/common/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6980a%0d%0a360681fb3a0 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6980a%0d%0a360681fb3a0/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:47:24 GMT
Server: Apache
Location: http://fastdial.net/static/6980a
360681fb3a0/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.81. https://fastdial.net/static/images/common/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload dd374%0d%0a3c5d884fc86 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/dd374%0d%0a3c5d884fc86/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:47:35 GMT
Server: Apache
Location: http://fastdial.net/static/images/dd374
3c5d884fc86/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.82. https://fastdial.net/static/images/common/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload fd6fc%0d%0aad7082e75b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/fd6fc%0d%0aad7082e75b/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:47:54 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/fd6fc
ad7082e75b/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.83. https://fastdial.net/static/images/common/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f8a5d%0d%0ace130526622 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/scripts/f8a5d%0d%0ace130526622/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:48:09 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/scripts/f8a5d
ce130526622/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.84. https://fastdial.net/static/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f7c4b%0d%0a18a3914ca75 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f7c4b%0d%0a18a3914ca75/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:52:34 GMT
Server: Apache
Location: http://fastdial.net/f7c4b
18a3914ca75/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.85. https://fastdial.net/static/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7f200%0d%0abc7793d6858 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7f200%0d%0abc7793d6858/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:52:47 GMT
Server: Apache
Location: http://fastdial.net/static/7f200
bc7793d6858/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.86. https://fastdial.net/static/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bfcd9%0d%0a3ed71c0b4b2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/bfcd9%0d%0a3ed71c0b4b2/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:53:06 GMT
Server: Apache
Location: http://fastdial.net/static/images/bfcd9
3ed71c0b4b2/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.87. https://fastdial.net/static/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload eeadc%0d%0a2e090a3b52f was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/eeadc%0d%0a2e090a3b52f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:53:19 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/eeadc
2e090a3b52f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.88. https://fastdial.net/static/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload be9d3%0d%0a8b91b6e3205 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /be9d3%0d%0a8b91b6e3205/images/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:00 GMT
Server: Apache
Location: http://fastdial.net/be9d3
8b91b6e3205/images/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.89. https://fastdial.net/static/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f163c%0d%0a954c0781a38 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f163c%0d%0a954c0781a38/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:12 GMT
Server: Apache
Location: http://fastdial.net/static/f163c
954c0781a38/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.90. https://fastdial.net/static/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 86b4c%0d%0aa9d5d005337 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/86b4c%0d%0aa9d5d005337/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:29 GMT
Server: Apache
Location: http://fastdial.net/static/images/86b4c
a9d5d005337/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.91. https://fastdial.net/static/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 80a5e%0d%0adc4671f86d7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/80a5e%0d%0adc4671f86d7/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:41 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/80a5e
dc4671f86d7/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.92. https://fastdial.net/static/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 637fd%0d%0a58be4e01ef6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/scripts/637fd%0d%0a58be4e01ef6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:47:18 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/scripts/637fd
58be4e01ef6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.93. https://fastdial.net/static/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 4eff1%0d%0a86d5a0733ca was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /4eff1%0d%0a86d5a0733ca/images/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:45:19 GMT
Server: Apache
Location: http://fastdial.net/4eff1
86d5a0733ca/images/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.94. https://fastdial.net/static/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload aada7%0d%0a48d55c04006 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/aada7%0d%0a48d55c04006/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:45:36 GMT
Server: Apache
Location: http://fastdial.net/static/aada7
48d55c04006/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.95. https://fastdial.net/static/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload fae4c%0d%0a388e0eea44 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/fae4c%0d%0a388e0eea44/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:45:50 GMT
Server: Apache
Location: http://fastdial.net/static/images/fae4c
388e0eea44/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.96. https://fastdial.net/static/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e13d2%0d%0a40991712265 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/e13d2%0d%0a40991712265/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:03 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/e13d2
40991712265/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.97. https://fastdial.net/static/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e079e%0d%0a83f5da4bb4d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/scripts/e079e%0d%0a83f5da4bb4d/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:21 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/scripts/e079e
83f5da4bb4d/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.98. https://fastdial.net/static/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload ba4b1%0d%0aba127151dc8 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/scripts/styles/ba4b1%0d%0aba127151dc8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:35 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/scripts/styles/ba4b1
ba127151dc8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.99. https://fastdial.net/static/images/common/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 4f3a6%0d%0aa9af32fb61 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /4f3a6%0d%0aa9af32fb61/images/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:45:47 GMT
Server: Apache
Location: http://fastdial.net/4f3a6
a9af32fb61/images/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.100. https://fastdial.net/static/images/common/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 456e5%0d%0a72a2edd5fcb was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/456e5%0d%0a72a2edd5fcb/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:06 GMT
Server: Apache
Location: http://fastdial.net/static/456e5
72a2edd5fcb/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.101. https://fastdial.net/static/images/common/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1f4b3%0d%0a65aa6488a28 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/1f4b3%0d%0a65aa6488a28/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:21 GMT
Server: Apache
Location: http://fastdial.net/static/images/1f4b3
65aa6488a28/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.102. https://fastdial.net/static/images/common/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7ef97%0d%0a4c85cfee287 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/7ef97%0d%0a4c85cfee287/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:46:32 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/7ef97
4c85cfee287/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.103. https://fastdial.net/static/images/common/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 48f98%0d%0afe0fb131cd9 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/scripts/48f98%0d%0afe0fb131cd9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:47:18 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/scripts/48f98
fe0fb131cd9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.104. https://fastdial.net/static/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f4c64%0d%0a516e26cfeec was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f4c64%0d%0a516e26cfeec/images/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:43 GMT
Server: Apache
Location: http://fastdial.net/f4c64
516e26cfeec/images/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.105. https://fastdial.net/static/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 9a0ec%0d%0a3dbcd7839e3 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/9a0ec%0d%0a3dbcd7839e3/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:57 GMT
Server: Apache
Location: http://fastdial.net/static/9a0ec
3dbcd7839e3/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.106. https://fastdial.net/static/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e931b%0d%0a6479fd1a8f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/e931b%0d%0a6479fd1a8f/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:41:13 GMT
Server: Apache
Location: http://fastdial.net/static/images/e931b
6479fd1a8f/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.107. https://fastdial.net/static/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b631b%0d%0afcaf6d229a7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/b631b%0d%0afcaf6d229a7/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:41:29 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/b631b
fcaf6d229a7/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.108. https://fastdial.net/static/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 58190%0d%0a8ff5ac22d1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/58190%0d%0a8ff5ac22d1/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:41:49 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/58190
8ff5ac22d1/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.109. https://fastdial.net/static/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload c8330%0d%0a3d56ef6f097 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/common/c8330%0d%0a3d56ef6f097/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:42:04 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/common/c8330
3d56ef6f097/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.110. https://fastdial.net/static/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 939f3%0d%0a727061306f9 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/common/images/939f3%0d%0a727061306f9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:42:17 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/common/images/939f3
727061306f9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.111. https://fastdial.net/static/images/common/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2067f%0d%0ac3a6dc9999c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2067f%0d%0ac3a6dc9999c/images/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:49 GMT
Server: Apache
Location: http://fastdial.net/2067f
c3a6dc9999c/images/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.112. https://fastdial.net/static/images/common/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c71bf%0d%0a098a42e2211 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c71bf%0d%0a098a42e2211/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:41:06 GMT
Server: Apache
Location: http://fastdial.net/static/c71bf
098a42e2211/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.113. https://fastdial.net/static/images/common/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 8dca8%0d%0ab57609d51e4 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/8dca8%0d%0ab57609d51e4/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:41:21 GMT
Server: Apache
Location: http://fastdial.net/static/images/8dca8
b57609d51e4/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.114. https://fastdial.net/static/images/common/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2899c%0d%0a200fc8752e7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/2899c%0d%0a200fc8752e7/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:41:36 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/2899c
200fc8752e7/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.115. https://fastdial.net/static/images/common/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 66df4%0d%0a0e621499803 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/66df4%0d%0a0e621499803/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:41:53 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/66df4
0e621499803/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.116. https://fastdial.net/static/images/common/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b0d4a%0d%0ad7e47d2552 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/common/b0d4a%0d%0ad7e47d2552/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:42:16 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/common/b0d4a
d7e47d2552/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.117. https://fastdial.net/static/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9e10e%0d%0a4093a99bb12 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9e10e%0d%0a4093a99bb12/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:50:32 GMT
Server: Apache
Location: http://fastdial.net/9e10e
4093a99bb12/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.118. https://fastdial.net/static/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f2805%0d%0ae241e2978db was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f2805%0d%0ae241e2978db/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:50:50 GMT
Server: Apache
Location: http://fastdial.net/static/f2805
e241e2978db/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.119. https://fastdial.net/static/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f6f78%0d%0a7a3113567cd was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/f6f78%0d%0a7a3113567cd/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:51:15 GMT
Server: Apache
Location: http://fastdial.net/static/images/f6f78
7a3113567cd/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.120. https://fastdial.net/static/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4dac9%0d%0ab433a70cff7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/4dac9%0d%0ab433a70cff7/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:51:34 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/4dac9
b433a70cff7/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.121. https://fastdial.net/static/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 8b9a8%0d%0a3d971ac4074 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/8b9a8%0d%0a3d971ac4074/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:51:47 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/8b9a8
3d971ac4074/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.122. https://fastdial.net/static/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2e422%0d%0aa90ab0614c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2e422%0d%0aa90ab0614c/images/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:39:55 GMT
Server: Apache
Location: http://fastdial.net/2e422
a90ab0614c/images/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.123. https://fastdial.net/static/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload fbc75%0d%0a8aefca30270 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/fbc75%0d%0a8aefca30270/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:13 GMT
Server: Apache
Location: http://fastdial.net/static/fbc75
8aefca30270/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.124. https://fastdial.net/static/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d3a85%0d%0ab64dda3b5f1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/d3a85%0d%0ab64dda3b5f1/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:27 GMT
Server: Apache
Location: http://fastdial.net/static/images/d3a85
b64dda3b5f1/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.125. https://fastdial.net/static/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 90fe7%0d%0a1faf2cf0fb2 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/90fe7%0d%0a1faf2cf0fb2/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:38 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/90fe7
1faf2cf0fb2/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.126. https://fastdial.net/static/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b2b14%0d%0ae286d9c4c59 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/b2b14%0d%0ae286d9c4c59/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:53 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/b2b14
e286d9c4c59/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.127. https://fastdial.net/static/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 78638%0d%0a869ac7c1cb2 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/common/78638%0d%0a869ac7c1cb2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:41:10 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/common/78638
869ac7c1cb2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.128. https://fastdial.net/static/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c8337%0d%0aa1c92f0554 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c8337%0d%0aa1c92f0554/images/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:39:40 GMT
Server: Apache
Location: http://fastdial.net/c8337
a1c92f0554/images/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.129. https://fastdial.net/static/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1fad1%0d%0ab14125b23d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1fad1%0d%0ab14125b23d/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:39:51 GMT
Server: Apache
Location: http://fastdial.net/static/1fad1
b14125b23d/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.130. https://fastdial.net/static/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d9c25%0d%0a7e35bfbf963 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/d9c25%0d%0a7e35bfbf963/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:09 GMT
Server: Apache
Location: http://fastdial.net/static/images/d9c25
7e35bfbf963/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.131. https://fastdial.net/static/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 19d2f%0d%0af713f5e046b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/19d2f%0d%0af713f5e046b/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:20 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/19d2f
f713f5e046b/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.132. https://fastdial.net/static/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3299e%0d%0add5520790b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/3299e%0d%0add5520790b/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:34 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/3299e
dd5520790b/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.133. https://fastdial.net/static/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 542ab%0d%0a0e7a35d878d was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/common/542ab%0d%0a0e7a35d878d/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:49 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/common/542ab
0e7a35d878d/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.134. https://fastdial.net/static/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 36ff9%0d%0a0ac2802a6c5 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/common/styles/36ff9%0d%0a0ac2802a6c5/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:41:06 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/common/styles/36ff9
0ac2802a6c5/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.135. https://fastdial.net/static/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 60c00%0d%0a75e319f33c1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /60c00%0d%0a75e319f33c1/images/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:39:57 GMT
Server: Apache
Location: http://fastdial.net/60c00
75e319f33c1/images/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.136. https://fastdial.net/static/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload bf442%0d%0ab3e0c65f31e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/bf442%0d%0ab3e0c65f31e/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:16 GMT
Server: Apache
Location: http://fastdial.net/static/bf442
b3e0c65f31e/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.137. https://fastdial.net/static/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1fbb2%0d%0a8644825ceda was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/1fbb2%0d%0a8644825ceda/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:29 GMT
Server: Apache
Location: http://fastdial.net/static/images/1fbb2
8644825ceda/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.138. https://fastdial.net/static/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1e74d%0d%0a30cbcea8c20 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/1e74d%0d%0a30cbcea8c20/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:40:43 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/1e74d
30cbcea8c20/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.139. https://fastdial.net/static/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1d140%0d%0a17f1eff44f7 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/1d140%0d%0a17f1eff44f7/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:41:00 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/1d140
17f1eff44f7/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.140. https://fastdial.net/static/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 90fd0%0d%0ab0cb021e3c2 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/common/90fd0%0d%0ab0cb021e3c2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:41:13 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/common/90fd0
b0cb021e3c2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.141. https://fastdial.net/static/images/common/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e370e%0d%0a7fa1f13b431 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e370e%0d%0a7fa1f13b431/images/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:43:42 GMT
Server: Apache
Location: http://fastdial.net/e370e
7fa1f13b431/images/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.142. https://fastdial.net/static/images/common/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2904a%0d%0a2e206fdd8f2 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2904a%0d%0a2e206fdd8f2/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:44:01 GMT
Server: Apache
Location: http://fastdial.net/static/2904a
2e206fdd8f2/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.143. https://fastdial.net/static/images/common/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 4e193%0d%0acf2c3eeabbd was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/4e193%0d%0acf2c3eeabbd/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:44:14 GMT
Server: Apache
Location: http://fastdial.net/static/images/4e193
cf2c3eeabbd/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.144. https://fastdial.net/static/images/common/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 198a9%0d%0ab24ff7069fc was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/198a9%0d%0ab24ff7069fc/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:44:33 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/198a9
b24ff7069fc/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.145. https://fastdial.net/static/images/common/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b47d8%0d%0a77ce012928d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/b47d8%0d%0a77ce012928d/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:44:48 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/b47d8
77ce012928d/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.146. https://fastdial.net/static/images/common/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d2afe%0d%0adde44f377f6 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/images/d2afe%0d%0adde44f377f6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:45:04 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/images/d2afe
dde44f377f6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.147. https://fastdial.net/static/images/common/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 55f61%0d%0ac0bff6462dd was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /55f61%0d%0ac0bff6462dd/images/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:44:04 GMT
Server: Apache
Location: http://fastdial.net/55f61
c0bff6462dd/images/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.148. https://fastdial.net/static/images/common/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 9a7db%0d%0a55eafa73e31 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/9a7db%0d%0a55eafa73e31/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:44:20 GMT
Server: Apache
Location: http://fastdial.net/static/9a7db
55eafa73e31/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.149. https://fastdial.net/static/images/common/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ba088%0d%0ae111dbc034d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/ba088%0d%0ae111dbc034d/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:44:34 GMT
Server: Apache
Location: http://fastdial.net/static/images/ba088
e111dbc034d/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.150. https://fastdial.net/static/images/common/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload cd075%0d%0ab37d1df6a98 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/cd075%0d%0ab37d1df6a98/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:44:47 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/cd075
b37d1df6a98/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.151. https://fastdial.net/static/images/common/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1eea1%0d%0ae0c6851d538 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/1eea1%0d%0ae0c6851d538/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:45:07 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/1eea1
e0c6851d538/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.152. https://fastdial.net/static/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9fc01%0d%0ad18443ed28c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9fc01%0d%0ad18443ed28c/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:51:18 GMT
Server: Apache
Location: http://fastdial.net/9fc01
d18443ed28c/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.153. https://fastdial.net/static/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3087b%0d%0a71f42db1adf was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3087b%0d%0a71f42db1adf/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:51:33 GMT
Server: Apache
Location: http://fastdial.net/static/3087b
71f42db1adf/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.154. https://fastdial.net/static/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b7b27%0d%0a0c943f61f93 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/b7b27%0d%0a0c943f61f93/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:51:48 GMT
Server: Apache
Location: http://fastdial.net/static/images/b7b27
0c943f61f93/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.155. https://fastdial.net/static/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9e2ba%0d%0a7d42c1105e9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/9e2ba%0d%0a7d42c1105e9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:52:03 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/9e2ba
7d42c1105e9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.156. https://fastdial.net/static/images/common/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e0d6a%0d%0a8aefcd569a2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e0d6a%0d%0a8aefcd569a2/images/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:43:16 GMT
Server: Apache
Location: http://fastdial.net/e0d6a
8aefcd569a2/images/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.157. https://fastdial.net/static/images/common/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d9196%0d%0a1be9a77c8ce was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d9196%0d%0a1be9a77c8ce/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:43:37 GMT
Server: Apache
Location: http://fastdial.net/static/d9196
1be9a77c8ce/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.158. https://fastdial.net/static/images/common/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 12e44%0d%0aff4bb079dda was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/12e44%0d%0aff4bb079dda/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:43:53 GMT
Server: Apache
Location: http://fastdial.net/static/images/12e44
ff4bb079dda/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.159. https://fastdial.net/static/images/common/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4fee1%0d%0a984badc428a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/4fee1%0d%0a984badc428a/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:44:04 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/4fee1
984badc428a/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.160. https://fastdial.net/static/images/common/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 946e5%0d%0a089e9335f18 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/946e5%0d%0a089e9335f18/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:44:22 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/946e5
089e9335f18/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.161. https://fastdial.net/static/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2dc0e%0d%0ae87daa70fb5 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2dc0e%0d%0ae87daa70fb5/images/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:42:30 GMT
Server: Apache
Location: http://fastdial.net/2dc0e
e87daa70fb5/images/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.162. https://fastdial.net/static/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d848d%0d%0a40b50cdfaeb was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d848d%0d%0a40b50cdfaeb/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:42:45 GMT
Server: Apache
Location: http://fastdial.net/static/d848d
40b50cdfaeb/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.163. https://fastdial.net/static/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9e943%0d%0a7b0eb99e4e2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/9e943%0d%0a7b0eb99e4e2/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:42:59 GMT
Server: Apache
Location: http://fastdial.net/static/images/9e943
7b0eb99e4e2/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.164. https://fastdial.net/static/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d0297%0d%0aafbdde6d215 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/d0297%0d%0aafbdde6d215/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:43:13 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/d0297
afbdde6d215/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.165. https://fastdial.net/static/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4235a%0d%0a63219ae5f70 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/4235a%0d%0a63219ae5f70/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:43:27 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/4235a
63219ae5f70/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.166. https://fastdial.net/static/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 33b75%0d%0a7d68fa8edf5 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/styles/33b75%0d%0a7d68fa8edf5/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:43:44 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/styles/33b75
7d68fa8edf5/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.167. https://fastdial.net/static/images/common/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f4eb7%0d%0a3f86f5aea83 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f4eb7%0d%0a3f86f5aea83/images/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:42:50 GMT
Server: Apache
Location: http://fastdial.net/f4eb7
3f86f5aea83/images/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.168. https://fastdial.net/static/images/common/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ff6e3%0d%0afc7626cc433 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ff6e3%0d%0afc7626cc433/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:43:07 GMT
Server: Apache
Location: http://fastdial.net/static/ff6e3
fc7626cc433/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.169. https://fastdial.net/static/images/common/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b9bb2%0d%0a585f65f7d49 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/b9bb2%0d%0a585f65f7d49/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:43:22 GMT
Server: Apache
Location: http://fastdial.net/static/images/b9bb2
585f65f7d49/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.170. https://fastdial.net/static/images/common/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e8c13%0d%0acc150805fce was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/e8c13%0d%0acc150805fce/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:43:36 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/e8c13
cc150805fce/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.171. https://fastdial.net/static/images/common/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e3ef0%0d%0aa758507af83 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/common/styles/e3ef0%0d%0aa758507af83/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:43:54 GMT
Server: Apache
Location: http://fastdial.net/static/images/common/styles/e3ef0
a758507af83/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.172. https://fastdial.net/static/images/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 49651%0d%0a16c2f609640 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /49651%0d%0a16c2f609640/images/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:05:08 GMT
Server: Apache
Location: http://fastdial.net/49651
16c2f609640/images/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.173. https://fastdial.net/static/images/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1235e%0d%0a6c243e9cd8a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1235e%0d%0a6c243e9cd8a/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:05:22 GMT
Server: Apache
Location: http://fastdial.net/static/1235e
6c243e9cd8a/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.174. https://fastdial.net/static/images/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d87d8%0d%0ad27d3f53185 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/d87d8%0d%0ad27d3f53185/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:05:43 GMT
Server: Apache
Location: http://fastdial.net/static/images/d87d8
d27d3f53185/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.175. https://fastdial.net/static/images/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2b218%0d%0a7ffa44a4b6b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/2b218%0d%0a7ffa44a4b6b/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:00 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/2b218
7ffa44a4b6b/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.176. https://fastdial.net/static/images/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 13409%0d%0af2014a63fdd was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/common/13409%0d%0af2014a63fdd/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:14 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/common/13409
f2014a63fdd/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.177. https://fastdial.net/static/images/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d2303%0d%0aaf116f0a2b3 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/common/images/d2303%0d%0aaf116f0a2b3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:25 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/common/images/d2303
af116f0a2b3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.178. https://fastdial.net/static/images/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload cfff0%0d%0a22e7ec418a8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /cfff0%0d%0a22e7ec418a8/images/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:05:30 GMT
Server: Apache
Location: http://fastdial.net/cfff0
22e7ec418a8/images/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.179. https://fastdial.net/static/images/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3e6af%0d%0a18a8c66964c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3e6af%0d%0a18a8c66964c/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:05:46 GMT
Server: Apache
Location: http://fastdial.net/static/3e6af
18a8c66964c/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.180. https://fastdial.net/static/images/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 53f27%0d%0a73b5a3c4ca1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/53f27%0d%0a73b5a3c4ca1/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:05:57 GMT
Server: Apache
Location: http://fastdial.net/static/images/53f27
73b5a3c4ca1/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.181. https://fastdial.net/static/images/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f2317%0d%0ab789b54aac3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/f2317%0d%0ab789b54aac3/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:14 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/f2317
b789b54aac3/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.182. https://fastdial.net/static/images/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f7c9c%0d%0a7832f5f7da1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/common/f7c9c%0d%0a7832f5f7da1/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:24 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/common/f7c9c
7832f5f7da1/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.183. https://fastdial.net/static/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a8968%0d%0a48f4ceff178 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a8968%0d%0a48f4ceff178/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:58:49 GMT
Server: Apache
Location: http://fastdial.net/a8968
48f4ceff178/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.184. https://fastdial.net/static/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4c7de%0d%0acb5fa689faf was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4c7de%0d%0acb5fa689faf/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:59:03 GMT
Server: Apache
Location: http://fastdial.net/static/4c7de
cb5fa689faf/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.185. https://fastdial.net/static/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 858ee%0d%0abfcdeb98c98 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/858ee%0d%0abfcdeb98c98/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:59:18 GMT
Server: Apache
Location: http://fastdial.net/static/images/858ee
bfcdeb98c98/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.186. https://fastdial.net/static/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1d1b6%0d%0a58e115094b4 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/1d1b6%0d%0a58e115094b4/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:59:33 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/1d1b6
58e115094b4/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.187. https://fastdial.net/static/images/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload bea8f%0d%0a417cf399116 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /bea8f%0d%0a417cf399116/images/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:04:58 GMT
Server: Apache
Location: http://fastdial.net/bea8f
417cf399116/images/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.188. https://fastdial.net/static/images/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6b861%0d%0add324857796 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6b861%0d%0add324857796/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:05:14 GMT
Server: Apache
Location: http://fastdial.net/static/6b861
dd324857796/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.189. https://fastdial.net/static/images/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 781a1%0d%0a18fe300cd6 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/781a1%0d%0a18fe300cd6/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:05:42 GMT
Server: Apache
Location: http://fastdial.net/static/images/781a1
18fe300cd6/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.190. https://fastdial.net/static/images/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 83cff%0d%0aed5fc1169f3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/83cff%0d%0aed5fc1169f3/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:05:56 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/83cff
ed5fc1169f3/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.191. https://fastdial.net/static/images/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 7b155%0d%0a8a3847f3dde was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/common/7b155%0d%0a8a3847f3dde/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:10 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/common/7b155
8a3847f3dde/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.192. https://fastdial.net/static/images/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b446a%0d%0a35381343fd6 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b446a%0d%0a35381343fd6/images/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:02:56 GMT
Server: Apache
Location: http://fastdial.net/b446a
35381343fd6/images/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.193. https://fastdial.net/static/images/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3060d%0d%0ab25d4880593 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3060d%0d%0ab25d4880593/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:10 GMT
Server: Apache
Location: http://fastdial.net/static/3060d
b25d4880593/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.194. https://fastdial.net/static/images/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ad81a%0d%0a1b24d0a0f35 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/ad81a%0d%0a1b24d0a0f35/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:24 GMT
Server: Apache
Location: http://fastdial.net/static/images/ad81a
1b24d0a0f35/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.195. https://fastdial.net/static/images/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 90866%0d%0a4abc55f54fb was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/90866%0d%0a4abc55f54fb/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:42 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/90866
4abc55f54fb/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.196. https://fastdial.net/static/images/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5d963%0d%0a04a9758ee6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/common/5d963%0d%0a04a9758ee6/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:57 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/common/5d963
04a9758ee6/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.197. https://fastdial.net/static/images/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 60902%0d%0a73ce4e75e50 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/common/styles/60902%0d%0a73ce4e75e50/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:04:11 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/common/styles/60902
73ce4e75e50/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.198. https://fastdial.net/static/images/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 65102%0d%0a4f386317fb3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /65102%0d%0a4f386317fb3/images/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:07 GMT
Server: Apache
Location: http://fastdial.net/65102
4f386317fb3/images/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.199. https://fastdial.net/static/images/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c3c33%0d%0aa3f907be78 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c3c33%0d%0aa3f907be78/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:21 GMT
Server: Apache
Location: http://fastdial.net/static/c3c33
a3f907be78/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.200. https://fastdial.net/static/images/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 34cc3%0d%0a7954c8b22d9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/34cc3%0d%0a7954c8b22d9/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:39 GMT
Server: Apache
Location: http://fastdial.net/static/images/34cc3
7954c8b22d9/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.201. https://fastdial.net/static/images/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e86f0%0d%0ae69a0e97eb6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/e86f0%0d%0ae69a0e97eb6/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:51 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/e86f0
e69a0e97eb6/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.202. https://fastdial.net/static/images/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1c81a%0d%0af52f9425e60 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/common/1c81a%0d%0af52f9425e60/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:04:10 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/common/1c81a
f52f9425e60/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.203. https://fastdial.net/static/images/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fa660%0d%0a91def3d2eef was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fa660%0d%0a91def3d2eef/images/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:08:24 GMT
Server: Apache
Location: http://fastdial.net/fa660
91def3d2eef/images/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.204. https://fastdial.net/static/images/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload db1ec%0d%0ace9a3d247d2 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/db1ec%0d%0ace9a3d247d2/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:08:38 GMT
Server: Apache
Location: http://fastdial.net/static/db1ec
ce9a3d247d2/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.205. https://fastdial.net/static/images/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9573e%0d%0aa37dd39a7db was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/9573e%0d%0aa37dd39a7db/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:08:54 GMT
Server: Apache
Location: http://fastdial.net/static/images/9573e
a37dd39a7db/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.206. https://fastdial.net/static/images/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f21a2%0d%0a981d2dc6da7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/f21a2%0d%0a981d2dc6da7/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:09:12 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/f21a2
981d2dc6da7/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.207. https://fastdial.net/static/images/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ac11d%0d%0a2fe364f552a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/images/ac11d%0d%0a2fe364f552a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:09:27 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/images/ac11d
2fe364f552a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.208. https://fastdial.net/static/images/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 74d88%0d%0a7201a4c7477 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /74d88%0d%0a7201a4c7477/images/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:52:13 GMT
Server: Apache
Location: http://fastdial.net/74d88
7201a4c7477/images/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.209. https://fastdial.net/static/images/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2a202%0d%0a70a0bf480dc was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2a202%0d%0a70a0bf480dc/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:52:26 GMT
Server: Apache
Location: http://fastdial.net/static/2a202
70a0bf480dc/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.210. https://fastdial.net/static/images/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e1320%0d%0a2618d67bc5 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/e1320%0d%0a2618d67bc5/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:52:36 GMT
Server: Apache
Location: http://fastdial.net/static/images/e1320
2618d67bc5/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.211. https://fastdial.net/static/images/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1a29d%0d%0a4e11d11c5f2 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/1a29d%0d%0a4e11d11c5f2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:52:58 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/1a29d
4e11d11c5f2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.212. https://fastdial.net/static/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 821ef%0d%0a05742434407 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /821ef%0d%0a05742434407/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:59:28 GMT
Server: Apache
Location: http://fastdial.net/821ef
05742434407/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.213. https://fastdial.net/static/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c2e55%0d%0a8981d010767 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c2e55%0d%0a8981d010767/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:59:42 GMT
Server: Apache
Location: http://fastdial.net/static/c2e55
8981d010767/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.214. https://fastdial.net/static/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c4b51%0d%0a3e0a2c8f140 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/c4b51%0d%0a3e0a2c8f140/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:59:58 GMT
Server: Apache
Location: http://fastdial.net/static/images/c4b51
3e0a2c8f140/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.215. https://fastdial.net/static/images/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e4134%0d%0a95765377fce was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e4134%0d%0a95765377fce/images/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:55 GMT
Server: Apache
Location: http://fastdial.net/e4134
95765377fce/images/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.216. https://fastdial.net/static/images/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e6d05%0d%0ab1eb31996e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e6d05%0d%0ab1eb31996e/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:07:11 GMT
Server: Apache
Location: http://fastdial.net/static/e6d05
b1eb31996e/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.217. https://fastdial.net/static/images/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bc7b0%0d%0abc507a8f3a7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/bc7b0%0d%0abc507a8f3a7/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:07:29 GMT
Server: Apache
Location: http://fastdial.net/static/images/bc7b0
bc507a8f3a7/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.218. https://fastdial.net/static/images/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 70741%0d%0ab15f3ee29ec was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/70741%0d%0ab15f3ee29ec/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:07:43 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/70741
b15f3ee29ec/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.219. https://fastdial.net/static/images/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e1d11%0d%0a5b9e6266d81 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e1d11%0d%0a5b9e6266d81/images/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:05:44 GMT
Server: Apache
Location: http://fastdial.net/e1d11
5b9e6266d81/images/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.220. https://fastdial.net/static/images/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 50f55%0d%0a6136f343714 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/50f55%0d%0a6136f343714/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:05:54 GMT
Server: Apache
Location: http://fastdial.net/static/50f55
6136f343714/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.221. https://fastdial.net/static/images/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a31ef%0d%0aa38b416023e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/a31ef%0d%0aa38b416023e/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:12 GMT
Server: Apache
Location: http://fastdial.net/static/images/a31ef
a38b416023e/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.222. https://fastdial.net/static/images/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload bb466%0d%0af5cceb51776 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/bb466%0d%0af5cceb51776/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:22 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/bb466
f5cceb51776/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.223. https://fastdial.net/static/images/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload fc77e%0d%0abb4b750d5da was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/styles/fc77e%0d%0abb4b750d5da/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:38 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/styles/fc77e
bb4b750d5da/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.224. https://fastdial.net/static/images/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 92244%0d%0a8c1da7f3dac was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /92244%0d%0a8c1da7f3dac/images/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:12 GMT
Server: Apache
Location: http://fastdial.net/92244
8c1da7f3dac/images/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.225. https://fastdial.net/static/images/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3030d%0d%0a880f8937544 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3030d%0d%0a880f8937544/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:27 GMT
Server: Apache
Location: http://fastdial.net/static/3030d
880f8937544/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.226. https://fastdial.net/static/images/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e3a94%0d%0ac51884e34a2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/e3a94%0d%0ac51884e34a2/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:06:42 GMT
Server: Apache
Location: http://fastdial.net/static/images/e3a94
c51884e34a2/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.227. https://fastdial.net/static/images/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload edf78%0d%0a37e26ac583f was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/images/edf78%0d%0a37e26ac583f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:07:02 GMT
Server: Apache
Location: http://fastdial.net/static/images/images/edf78
37e26ac583f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.228. https://fastdial.net/static/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 18a61%0d%0ae70c3077caa was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /18a61%0d%0ae70c3077caa/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:57:20 GMT
Server: Apache
Location: http://fastdial.net/18a61
e70c3077caa/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.229. https://fastdial.net/static/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload fd7f7%0d%0adcbca69e1bd was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/fd7f7%0d%0adcbca69e1bd/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:57:37 GMT
Server: Apache
Location: http://fastdial.net/static/fd7f7
dcbca69e1bd/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.230. https://fastdial.net/static/images/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 411ae%0d%0a1b2529a7757 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /411ae%0d%0a1b2529a7757/images/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:02:25 GMT
Server: Apache
Location: http://fastdial.net/411ae
1b2529a7757/images/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.231. https://fastdial.net/static/images/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload cfa19%0d%0abe3a21ec96 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/cfa19%0d%0abe3a21ec96/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:02:38 GMT
Server: Apache
Location: http://fastdial.net/static/cfa19
be3a21ec96/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.232. https://fastdial.net/static/images/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload cf55b%0d%0a708fb9c4049 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/cf55b%0d%0a708fb9c4049/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:02:55 GMT
Server: Apache
Location: http://fastdial.net/static/images/cf55b
708fb9c4049/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.233. https://fastdial.net/static/images/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9d776%0d%0a70891454f27 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/scripts/9d776%0d%0a70891454f27/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:06 GMT
Server: Apache
Location: http://fastdial.net/static/images/scripts/9d776
70891454f27/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.234. https://fastdial.net/static/images/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1800f%0d%0acf743f7677 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/scripts/images/1800f%0d%0acf743f7677/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:20 GMT
Server: Apache
Location: http://fastdial.net/static/images/scripts/images/1800f
cf743f7677/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.235. https://fastdial.net/static/images/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fee73%0d%0a82bb1287ca was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fee73%0d%0a82bb1287ca/images/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:02:48 GMT
Server: Apache
Location: http://fastdial.net/fee73
82bb1287ca/images/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.236. https://fastdial.net/static/images/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e132e%0d%0a761420b8b05 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e132e%0d%0a761420b8b05/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:01 GMT
Server: Apache
Location: http://fastdial.net/static/e132e
761420b8b05/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.237. https://fastdial.net/static/images/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f6a92%0d%0ac66c8d41b1d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/f6a92%0d%0ac66c8d41b1d/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:12 GMT
Server: Apache
Location: http://fastdial.net/static/images/f6a92
c66c8d41b1d/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.238. https://fastdial.net/static/images/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5940d%0d%0a8f6085e3464 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/scripts/5940d%0d%0a8f6085e3464/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:03:29 GMT
Server: Apache
Location: http://fastdial.net/static/images/scripts/5940d
8f6085e3464/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.239. https://fastdial.net/static/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 414d9%0d%0a96b8f20ce3d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /414d9%0d%0a96b8f20ce3d/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:55:51 GMT
Server: Apache
Location: http://fastdial.net/414d9
96b8f20ce3d/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.240. https://fastdial.net/static/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e006d%0d%0a8cc5a8c8fc9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e006d%0d%0a8cc5a8c8fc9/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:56:53 GMT
Server: Apache
Location: http://fastdial.net/static/e006d
8cc5a8c8fc9/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.241. https://fastdial.net/static/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a96ae%0d%0a85ede1414db was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/a96ae%0d%0a85ede1414db/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:57:11 GMT
Server: Apache
Location: http://fastdial.net/static/images/a96ae
85ede1414db/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.242. https://fastdial.net/static/images/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1a669%0d%0a96ad792dbd8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1a669%0d%0a96ad792dbd8/images/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:02:09 GMT
Server: Apache
Location: http://fastdial.net/1a669
96ad792dbd8/images/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.243. https://fastdial.net/static/images/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ba1ab%0d%0a09868327bbe was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ba1ab%0d%0a09868327bbe/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:02:28 GMT
Server: Apache
Location: http://fastdial.net/static/ba1ab
09868327bbe/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.244. https://fastdial.net/static/images/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 98822%0d%0a2985bb368c5 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/98822%0d%0a2985bb368c5/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:02:46 GMT
Server: Apache
Location: http://fastdial.net/static/images/98822
2985bb368c5/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.245. https://fastdial.net/static/images/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload dc68e%0d%0a89ecc1b1753 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/scripts/dc68e%0d%0a89ecc1b1753/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:02:59 GMT
Server: Apache
Location: http://fastdial.net/static/images/scripts/dc68e
89ecc1b1753/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.246. https://fastdial.net/static/images/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3e602%0d%0abb78e0b3ae was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3e602%0d%0abb78e0b3ae/images/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:07 GMT
Server: Apache
Location: http://fastdial.net/3e602
bb78e0b3ae/images/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.247. https://fastdial.net/static/images/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e51f7%0d%0ab3c4b653145 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e51f7%0d%0ab3c4b653145/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:20 GMT
Server: Apache
Location: http://fastdial.net/static/e51f7
b3c4b653145/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.248. https://fastdial.net/static/images/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload fba88%0d%0aec331c21221 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/fba88%0d%0aec331c21221/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:39 GMT
Server: Apache
Location: http://fastdial.net/static/images/fba88
ec331c21221/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.249. https://fastdial.net/static/images/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 687e8%0d%0a5c57011b281 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/scripts/687e8%0d%0a5c57011b281/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:49 GMT
Server: Apache
Location: http://fastdial.net/static/images/scripts/687e8
5c57011b281/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.250. https://fastdial.net/static/images/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 37450%0d%0a8a902518cf2 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/scripts/styles/37450%0d%0a8a902518cf2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:01:03 GMT
Server: Apache
Location: http://fastdial.net/static/images/scripts/styles/37450
8a902518cf2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.251. https://fastdial.net/static/images/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 4859e%0d%0a802a8fbd51c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /4859e%0d%0a802a8fbd51c/images/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:46 GMT
Server: Apache
Location: http://fastdial.net/4859e
802a8fbd51c/images/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.252. https://fastdial.net/static/images/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 70e2e%0d%0a06e57097d37 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/70e2e%0d%0a06e57097d37/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:01:00 GMT
Server: Apache
Location: http://fastdial.net/static/70e2e
06e57097d37/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.253. https://fastdial.net/static/images/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 3d6e5%0d%0a4b94528a961 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/3d6e5%0d%0a4b94528a961/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:01:18 GMT
Server: Apache
Location: http://fastdial.net/static/images/3d6e5
4b94528a961/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.254. https://fastdial.net/static/images/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload debb8%0d%0a292d6cf2137 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/scripts/debb8%0d%0a292d6cf2137/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:01:29 GMT
Server: Apache
Location: http://fastdial.net/static/images/scripts/debb8
292d6cf2137/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.255. https://fastdial.net/static/images/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9d31b%0d%0a6bfba61b58d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9d31b%0d%0a6bfba61b58d/images/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:10 GMT
Server: Apache
Location: http://fastdial.net/9d31b
6bfba61b58d/images/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.256. https://fastdial.net/static/images/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3e4ae%0d%0a2475cbbf3b3 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3e4ae%0d%0a2475cbbf3b3/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:24 GMT
Server: Apache
Location: http://fastdial.net/static/3e4ae
2475cbbf3b3/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.257. https://fastdial.net/static/images/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 3383c%0d%0a1a5f3512f1d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/3383c%0d%0a1a5f3512f1d/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:34 GMT
Server: Apache
Location: http://fastdial.net/static/images/3383c
1a5f3512f1d/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.258. https://fastdial.net/static/images/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1b7bf%0d%0afd906f951ca was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/1b7bf%0d%0afd906f951ca/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:49 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/1b7bf
fd906f951ca/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.259. https://fastdial.net/static/images/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 9e456%0d%0a0428b620d69 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/common/9e456%0d%0a0428b620d69/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:58:06 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/common/9e456
0428b620d69/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.260. https://fastdial.net/static/images/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 4ab88%0d%0a5336cacc593 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/common/images/4ab88%0d%0a5336cacc593/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:58:19 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/common/images/4ab88
5336cacc593/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.261. https://fastdial.net/static/images/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 37d0b%0d%0aa958a83d1eb was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /37d0b%0d%0aa958a83d1eb/images/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:22 GMT
Server: Apache
Location: http://fastdial.net/37d0b
a958a83d1eb/images/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.262. https://fastdial.net/static/images/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 82291%0d%0a66882640d0e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/82291%0d%0a66882640d0e/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:33 GMT
Server: Apache
Location: http://fastdial.net/static/82291
66882640d0e/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.263. https://fastdial.net/static/images/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a4818%0d%0ae71adb66575 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/a4818%0d%0ae71adb66575/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:51 GMT
Server: Apache
Location: http://fastdial.net/static/images/a4818
e71adb66575/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.264. https://fastdial.net/static/images/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload dd001%0d%0a5b4303e7d7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/dd001%0d%0a5b4303e7d7/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:58:02 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/dd001
5b4303e7d7/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.265. https://fastdial.net/static/images/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload db0e6%0d%0a0df1be769df was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/common/db0e6%0d%0a0df1be769df/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:58:18 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/common/db0e6
0df1be769df/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.266. https://fastdial.net/static/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ae5d7%0d%0a33c89bab660 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ae5d7%0d%0a33c89bab660/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:54:50 GMT
Server: Apache
Location: http://fastdial.net/ae5d7
33c89bab660/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.267. https://fastdial.net/static/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ba3d2%0d%0a73defba8898 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ba3d2%0d%0a73defba8898/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:56:44 GMT
Server: Apache
Location: http://fastdial.net/static/ba3d2
73defba8898/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.268. https://fastdial.net/static/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5c223%0d%0ad359e21e70d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/5c223%0d%0ad359e21e70d/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:56:59 GMT
Server: Apache
Location: http://fastdial.net/static/images/5c223
d359e21e70d/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.269. https://fastdial.net/static/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9115f%0d%0ad0ac60eff88 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/9115f%0d%0ad0ac60eff88/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:57:18 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/9115f
d0ac60eff88/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.270. https://fastdial.net/static/images/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6989f%0d%0ad5b4d4cff0 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6989f%0d%0ad5b4d4cff0/images/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:56:11 GMT
Server: Apache
Location: http://fastdial.net/6989f
d5b4d4cff0/images/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.271. https://fastdial.net/static/images/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload bca8a%0d%0acd6e1e6a7ea was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/bca8a%0d%0acd6e1e6a7ea/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:56:25 GMT
Server: Apache
Location: http://fastdial.net/static/bca8a
cd6e1e6a7ea/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.272. https://fastdial.net/static/images/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 2dbf4%0d%0a2c46d9be395 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/2dbf4%0d%0a2c46d9be395/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:56:39 GMT
Server: Apache
Location: http://fastdial.net/static/images/2dbf4
2c46d9be395/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.273. https://fastdial.net/static/images/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload fbe5d%0d%0a7fb4ea9ab03 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/fbe5d%0d%0a7fb4ea9ab03/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:56:56 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/fbe5d
7fb4ea9ab03/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.274. https://fastdial.net/static/images/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 95237%0d%0aae13c30429a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/common/95237%0d%0aae13c30429a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:06 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/common/95237
ae13c30429a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.275. https://fastdial.net/static/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e5b44%0d%0a0b6851bb0c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e5b44%0d%0a0b6851bb0c/images/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:04 GMT
Server: Apache
Location: http://fastdial.net/e5b44
0b6851bb0c/images/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.276. https://fastdial.net/static/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 29730%0d%0a690248cd0d9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/29730%0d%0a690248cd0d9/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:14 GMT
Server: Apache
Location: http://fastdial.net/static/29730
690248cd0d9/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.277. https://fastdial.net/static/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1ae94%0d%0ace943493d74 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/1ae94%0d%0ace943493d74/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:30 GMT
Server: Apache
Location: http://fastdial.net/static/images/1ae94
ce943493d74/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.278. https://fastdial.net/static/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e7f1c%0d%0aad8a416acc4 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/e7f1c%0d%0aad8a416acc4/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:46 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/e7f1c
ad8a416acc4/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.279. https://fastdial.net/static/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 534f7%0d%0a6a4ce754259 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/common/534f7%0d%0a6a4ce754259/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:54:57 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/common/534f7
6a4ce754259/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.280. https://fastdial.net/static/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 9be5c%0d%0a6cfd90f4f65 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/common/styles/9be5c%0d%0a6cfd90f4f65/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:55:15 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/common/styles/9be5c
6cfd90f4f65/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.281. https://fastdial.net/static/images/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b5f0f%0d%0a866b0d3f50f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b5f0f%0d%0a866b0d3f50f/images/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:55:06 GMT
Server: Apache
Location: http://fastdial.net/b5f0f
866b0d3f50f/images/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.282. https://fastdial.net/static/images/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload bcd0c%0d%0aef63737c82d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/bcd0c%0d%0aef63737c82d/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:55:25 GMT
Server: Apache
Location: http://fastdial.net/static/bcd0c
ef63737c82d/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.283. https://fastdial.net/static/images/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload dd2b2%0d%0a2e42207e3e6 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/dd2b2%0d%0a2e42207e3e6/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:55:40 GMT
Server: Apache
Location: http://fastdial.net/static/images/dd2b2
2e42207e3e6/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.284. https://fastdial.net/static/images/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload be96c%0d%0a75e6dade574 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/be96c%0d%0a75e6dade574/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:55:55 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/be96c
75e6dade574/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.285. https://fastdial.net/static/images/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 79f96%0d%0a4d7021d97cb was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/common/79f96%0d%0a4d7021d97cb/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:56:14 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/common/79f96
4d7021d97cb/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.286. https://fastdial.net/static/images/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3b2ce%0d%0a141efec02c7 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3b2ce%0d%0a141efec02c7/images/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:02 GMT
Server: Apache
Location: http://fastdial.net/3b2ce
141efec02c7/images/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.287. https://fastdial.net/static/images/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ffd04%0d%0a8763bc81067 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ffd04%0d%0a8763bc81067/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:12 GMT
Server: Apache
Location: http://fastdial.net/static/ffd04
8763bc81067/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.288. https://fastdial.net/static/images/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 18895%0d%0a443b177e296 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/18895%0d%0a443b177e296/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:25 GMT
Server: Apache
Location: http://fastdial.net/static/images/18895
443b177e296/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.289. https://fastdial.net/static/images/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload eb63b%0d%0a04e05c17f69 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/eb63b%0d%0a04e05c17f69/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:38 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/eb63b
04e05c17f69/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.290. https://fastdial.net/static/images/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload d9bda%0d%0a9c834d53b7f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/images/d9bda%0d%0a9c834d53b7f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:53 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/images/d9bda
9c834d53b7f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.291. https://fastdial.net/static/images/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9543e%0d%0a766946a035c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9543e%0d%0a766946a035c/images/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:28 GMT
Server: Apache
Location: http://fastdial.net/9543e
766946a035c/images/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.292. https://fastdial.net/static/images/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a3567%0d%0a0d69e5d5db1 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a3567%0d%0a0d69e5d5db1/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:41 GMT
Server: Apache
Location: http://fastdial.net/static/a3567
0d69e5d5db1/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.293. https://fastdial.net/static/images/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 3eadd%0d%0a2ad76cb4076 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/3eadd%0d%0a2ad76cb4076/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:00:56 GMT
Server: Apache
Location: http://fastdial.net/static/images/3eadd
2ad76cb4076/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.294. https://fastdial.net/static/images/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 237b9%0d%0a2fc08e340a8 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/237b9%0d%0a2fc08e340a8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 17 Oct 2010 00:01:12 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/237b9
2fc08e340a8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.295. https://fastdial.net/static/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1c4bd%0d%0a9890d872ff1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1c4bd%0d%0a9890d872ff1/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:55:16 GMT
Server: Apache
Location: http://fastdial.net/1c4bd
9890d872ff1/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.296. https://fastdial.net/static/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a74ce%0d%0ac4132c4bf5d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a74ce%0d%0ac4132c4bf5d/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:56:53 GMT
Server: Apache
Location: http://fastdial.net/static/a74ce
c4132c4bf5d/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.297. https://fastdial.net/static/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b9124%0d%0ad4f3db233d8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/b9124%0d%0ad4f3db233d8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:57:08 GMT
Server: Apache
Location: http://fastdial.net/static/images/b9124
d4f3db233d8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.298. https://fastdial.net/static/images/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 569b6%0d%0a7b3c5c94108 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /569b6%0d%0a7b3c5c94108/images/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:59:12 GMT
Server: Apache
Location: http://fastdial.net/569b6
7b3c5c94108/images/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.299. https://fastdial.net/static/images/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 27360%0d%0afdb90fb33b7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/27360%0d%0afdb90fb33b7/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:59:22 GMT
Server: Apache
Location: http://fastdial.net/static/27360
fdb90fb33b7/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.300. https://fastdial.net/static/images/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 7fdfc%0d%0abcd95c8b013 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/7fdfc%0d%0abcd95c8b013/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:59:36 GMT
Server: Apache
Location: http://fastdial.net/static/images/7fdfc
bcd95c8b013/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.301. https://fastdial.net/static/images/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 76367%0d%0a7c8460dc4e2 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/76367%0d%0a7c8460dc4e2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:59:54 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/76367
7c8460dc4e2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.302. https://fastdial.net/static/images/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9d4ce%0d%0ae237a586bf0 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9d4ce%0d%0ae237a586bf0/images/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:16 GMT
Server: Apache
Location: http://fastdial.net/9d4ce
e237a586bf0/images/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.303. https://fastdial.net/static/images/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 904e1%0d%0a40bb2b526ec was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/904e1%0d%0a40bb2b526ec/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:33 GMT
Server: Apache
Location: http://fastdial.net/static/904e1
40bb2b526ec/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.304. https://fastdial.net/static/images/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c91d8%0d%0a953b95005af was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/c91d8%0d%0a953b95005af/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:47 GMT
Server: Apache
Location: http://fastdial.net/static/images/c91d8
953b95005af/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.305. https://fastdial.net/static/images/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6b41b%0d%0a671acbfce2f was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/6b41b%0d%0a671acbfce2f/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:58:02 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/6b41b
671acbfce2f/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.306. https://fastdial.net/static/images/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c537f%0d%0a41a59a89b0e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/styles/c537f%0d%0a41a59a89b0e/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:58:12 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/styles/c537f
41a59a89b0e/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.307. https://fastdial.net/static/images/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2881c%0d%0a7404716d82c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2881c%0d%0a7404716d82c/images/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:43 GMT
Server: Apache
Location: http://fastdial.net/2881c
7404716d82c/images/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.308. https://fastdial.net/static/images/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 52f7c%0d%0a136c41ad8e5 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/52f7c%0d%0a136c41ad8e5/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:57:57 GMT
Server: Apache
Location: http://fastdial.net/static/52f7c
136c41ad8e5/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.309. https://fastdial.net/static/images/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload af5f0%0d%0ac54716a8cbc was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/images/af5f0%0d%0ac54716a8cbc/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:58:11 GMT
Server: Apache
Location: http://fastdial.net/static/images/af5f0
c54716a8cbc/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.310. https://fastdial.net/static/images/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a542b%0d%0a48b8578d7f6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/images/styles/a542b%0d%0a48b8578d7f6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:58:28 GMT
Server: Apache
Location: http://fastdial.net/static/images/styles/a542b
48b8578d7f6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.311. https://fastdial.net/static/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 29def%0d%0a74566b8bd28 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /29def%0d%0a74566b8bd28/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:52:24 GMT
Server: Apache
Location: http://fastdial.net/29def
74566b8bd28/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.312. https://fastdial.net/static/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e126c%0d%0a49fda47f8ac was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e126c%0d%0a49fda47f8ac/scripts/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:02 GMT
Server: Apache
Location: http://fastdial.net/e126c
49fda47f8ac/scripts/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.313. https://fastdial.net/static/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload cf1e3%0d%0ab30cdf3df09 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/cf1e3%0d%0ab30cdf3df09/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:16 GMT
Server: Apache
Location: http://fastdial.net/static/cf1e3
b30cdf3df09/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.314. https://fastdial.net/static/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d8058%0d%0a7970407b778 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/d8058%0d%0a7970407b778/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:33 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/d8058
7970407b778/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.315. https://fastdial.net/static/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c4360%0d%0a56b37064337 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/c4360%0d%0a56b37064337/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:44 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/c4360
56b37064337/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.316. https://fastdial.net/static/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c9009%0d%0a8752f9b6501 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/common/c9009%0d%0a8752f9b6501/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:58 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/common/c9009
8752f9b6501/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.317. https://fastdial.net/static/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 96b92%0d%0a31363946ed6 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/common/images/96b92%0d%0a31363946ed6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:36:17 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/common/images/96b92
31363946ed6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.318. https://fastdial.net/static/scripts/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6730b%0d%0a8b2f4415690 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6730b%0d%0a8b2f4415690/scripts/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:13 GMT
Server: Apache
Location: http://fastdial.net/6730b
8b2f4415690/scripts/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.319. https://fastdial.net/static/scripts/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4e5b7%0d%0a24baa57551e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4e5b7%0d%0a24baa57551e/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:26 GMT
Server: Apache
Location: http://fastdial.net/static/4e5b7
24baa57551e/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.320. https://fastdial.net/static/scripts/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 55883%0d%0a55d98f6d26a was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/55883%0d%0a55d98f6d26a/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:44 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/55883
55d98f6d26a/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.321. https://fastdial.net/static/scripts/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7f5af%0d%0a4e4ed0fbb13 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/7f5af%0d%0a4e4ed0fbb13/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:58 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/7f5af
4e4ed0fbb13/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.322. https://fastdial.net/static/scripts/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3a498%0d%0a254f2273e95 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/common/3a498%0d%0a254f2273e95/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:36:12 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/common/3a498
254f2273e95/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.323. https://fastdial.net/static/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1bb61%0d%0a2da816ecbf6 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1bb61%0d%0a2da816ecbf6/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:49:33 GMT
Server: Apache
Location: http://fastdial.net/1bb61
2da816ecbf6/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.324. https://fastdial.net/static/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 40cda%0d%0a8a11f2d6e1c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/40cda%0d%0a8a11f2d6e1c/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:49:49 GMT
Server: Apache
Location: http://fastdial.net/static/40cda
8a11f2d6e1c/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.325. https://fastdial.net/static/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 303a7%0d%0a23e21afb9ac was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/303a7%0d%0a23e21afb9ac/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:50:07 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/303a7
23e21afb9ac/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.326. https://fastdial.net/static/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 55550%0d%0a64eef077551 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/55550%0d%0a64eef077551/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:50:23 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/55550
64eef077551/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.327. https://fastdial.net/static/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c086e%0d%0a64e608f6649 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c086e%0d%0a64e608f6649/scripts/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:34:53 GMT
Server: Apache
Location: http://fastdial.net/c086e
64e608f6649/scripts/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.328. https://fastdial.net/static/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 276d2%0d%0aee159329aa2 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/276d2%0d%0aee159329aa2/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:07 GMT
Server: Apache
Location: http://fastdial.net/static/276d2
ee159329aa2/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.329. https://fastdial.net/static/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b4b70%0d%0a42ac7f17a83 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/b4b70%0d%0a42ac7f17a83/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:21 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/b4b70
42ac7f17a83/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.330. https://fastdial.net/static/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c11ff%0d%0ad43b345749e was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/c11ff%0d%0ad43b345749e/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:35 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/c11ff
d43b345749e/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.331. https://fastdial.net/static/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 8520e%0d%0a5b7d1ac2783 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/common/8520e%0d%0a5b7d1ac2783/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:45 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/common/8520e
5b7d1ac2783/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.332. https://fastdial.net/static/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8ceaa%0d%0a9886cf52aae was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /8ceaa%0d%0a9886cf52aae/scripts/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:33:47 GMT
Server: Apache
Location: http://fastdial.net/8ceaa
9886cf52aae/scripts/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.333. https://fastdial.net/static/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e026a%0d%0ae9ebd6a1d12 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e026a%0d%0ae9ebd6a1d12/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:34:03 GMT
Server: Apache
Location: http://fastdial.net/static/e026a
e9ebd6a1d12/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.334. https://fastdial.net/static/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1b864%0d%0a9fb53259b5d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/1b864%0d%0a9fb53259b5d/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:34:18 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/1b864
9fb53259b5d/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.335. https://fastdial.net/static/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload fa01b%0d%0af98916f1052 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/fa01b%0d%0af98916f1052/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:34:31 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/fa01b
f98916f1052/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.336. https://fastdial.net/static/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5bfd5%0d%0a8269d761854 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/common/5bfd5%0d%0a8269d761854/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:34:46 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/common/5bfd5
8269d761854/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.337. https://fastdial.net/static/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1f453%0d%0aa1222402de1 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/common/styles/1f453%0d%0aa1222402de1/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:00 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/common/styles/1f453
a1222402de1/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.338. https://fastdial.net/static/scripts/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7a222%0d%0a323b3155128 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7a222%0d%0a323b3155128/scripts/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:34:13 GMT
Server: Apache
Location: http://fastdial.net/7a222
323b3155128/scripts/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.339. https://fastdial.net/static/scripts/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7943a%0d%0a796bfaa51a6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7943a%0d%0a796bfaa51a6/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:34:27 GMT
Server: Apache
Location: http://fastdial.net/static/7943a
796bfaa51a6/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.340. https://fastdial.net/static/scripts/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9c742%0d%0a5fe11948686 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/9c742%0d%0a5fe11948686/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:34:45 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/9c742
5fe11948686/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.341. https://fastdial.net/static/scripts/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7906e%0d%0ac1e2c6dbf4f was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/7906e%0d%0ac1e2c6dbf4f/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:34:56 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/7906e
c1e2c6dbf4f/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.342. https://fastdial.net/static/scripts/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6cfa1%0d%0a449264d6d98 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/common/6cfa1%0d%0a449264d6d98/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:35:10 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/common/6cfa1
449264d6d98/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.343. https://fastdial.net/static/scripts/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 17bb1%0d%0aaf3290b9847 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /17bb1%0d%0aaf3290b9847/scripts/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:37:45 GMT
Server: Apache
Location: http://fastdial.net/17bb1
af3290b9847/scripts/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.344. https://fastdial.net/static/scripts/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload afbd0%0d%0adb3e172331c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/afbd0%0d%0adb3e172331c/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:38:04 GMT
Server: Apache
Location: http://fastdial.net/static/afbd0
db3e172331c/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.345. https://fastdial.net/static/scripts/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload fb70b%0d%0a434cca14dc8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/fb70b%0d%0a434cca14dc8/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:38:17 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/fb70b
434cca14dc8/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.346. https://fastdial.net/static/scripts/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 61a7d%0d%0a7a8b655b517 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/61a7d%0d%0a7a8b655b517/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:38:31 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/61a7d
7a8b655b517/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.347. https://fastdial.net/static/scripts/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 12467%0d%0ac74ab46629d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/images/12467%0d%0ac74ab46629d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:38:42 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/images/12467
c74ab46629d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.348. https://fastdial.net/static/scripts/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f0ee7%0d%0ad3265391271 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f0ee7%0d%0ad3265391271/scripts/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:38:22 GMT
Server: Apache
Location: http://fastdial.net/f0ee7
d3265391271/scripts/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.349. https://fastdial.net/static/scripts/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 663fe%0d%0a6d28b5e0fd1 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/663fe%0d%0a6d28b5e0fd1/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:38:36 GMT
Server: Apache
Location: http://fastdial.net/static/663fe
6d28b5e0fd1/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.350. https://fastdial.net/static/scripts/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 339e4%0d%0ae1278bbada9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/339e4%0d%0ae1278bbada9/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:38:50 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/339e4
e1278bbada9/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.351. https://fastdial.net/static/scripts/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5f6ca%0d%0a27db0077843 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/5f6ca%0d%0a27db0077843/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:39:03 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/5f6ca
27db0077843/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.352. https://fastdial.net/static/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c4733%0d%0a44356e1738b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c4733%0d%0a44356e1738b/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:50:11 GMT
Server: Apache
Location: http://fastdial.net/c4733
44356e1738b/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.353. https://fastdial.net/static/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 316b5%0d%0a7fb8b86bf19 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/316b5%0d%0a7fb8b86bf19/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:50:26 GMT
Server: Apache
Location: http://fastdial.net/static/316b5
7fb8b86bf19/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.354. https://fastdial.net/static/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 821bf%0d%0a601637b356c was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/821bf%0d%0a601637b356c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:50:39 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/821bf
601637b356c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.355. https://fastdial.net/static/scripts/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload bd44c%0d%0ab8bd2104bf5 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /bd44c%0d%0ab8bd2104bf5/scripts/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:37:36 GMT
Server: Apache
Location: http://fastdial.net/bd44c
b8bd2104bf5/scripts/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.356. https://fastdial.net/static/scripts/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload df10e%0d%0a6bd5096966a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/df10e%0d%0a6bd5096966a/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:37:50 GMT
Server: Apache
Location: http://fastdial.net/static/df10e
6bd5096966a/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.357. https://fastdial.net/static/scripts/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 407db%0d%0aaf846023348 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/407db%0d%0aaf846023348/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:38:02 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/407db
af846023348/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.358. https://fastdial.net/static/scripts/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 348d4%0d%0aebf89868a7b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/348d4%0d%0aebf89868a7b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:38:18 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/348d4
ebf89868a7b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.359. https://fastdial.net/static/scripts/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 750ca%0d%0a4c2b4677564 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /750ca%0d%0a4c2b4677564/scripts/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:36:47 GMT
Server: Apache
Location: http://fastdial.net/750ca
4c2b4677564/scripts/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.360. https://fastdial.net/static/scripts/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 950fe%0d%0ac5ee3703da8 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/950fe%0d%0ac5ee3703da8/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:37:05 GMT
Server: Apache
Location: http://fastdial.net/static/950fe
c5ee3703da8/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.361. https://fastdial.net/static/scripts/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 87eb1%0d%0a49534267ed8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/87eb1%0d%0a49534267ed8/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:37:21 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/87eb1
49534267ed8/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.362. https://fastdial.net/static/scripts/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 97e55%0d%0ac48b12ca9a2 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/97e55%0d%0ac48b12ca9a2/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:37:33 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/97e55
c48b12ca9a2/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.363. https://fastdial.net/static/scripts/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 8abd8%0d%0a263a0b05503 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/styles/8abd8%0d%0a263a0b05503/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:37:48 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/styles/8abd8
263a0b05503/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.364. https://fastdial.net/static/scripts/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1e08d%0d%0a7de3c18b1d2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1e08d%0d%0a7de3c18b1d2/scripts/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:37:13 GMT
Server: Apache
Location: http://fastdial.net/1e08d
7de3c18b1d2/scripts/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.365. https://fastdial.net/static/scripts/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7810b%0d%0aa3624b0bca8 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7810b%0d%0aa3624b0bca8/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:37:27 GMT
Server: Apache
Location: http://fastdial.net/static/7810b
a3624b0bca8/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.366. https://fastdial.net/static/scripts/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c54f0%0d%0ac4e3a850498 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/c54f0%0d%0ac4e3a850498/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:37:41 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/c54f0
c4e3a850498/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.367. https://fastdial.net/static/scripts/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5babc%0d%0aadc61d747f4 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/images/5babc%0d%0aadc61d747f4/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:37:57 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/images/5babc
adc61d747f4/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.368. https://fastdial.net/static/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2fa19%0d%0a7eaec8b220f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2fa19%0d%0a7eaec8b220f/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:48:23 GMT
Server: Apache
Location: http://fastdial.net/2fa19
7eaec8b220f/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.369. https://fastdial.net/static/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 9701b%0d%0a278ef410844 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/9701b%0d%0a278ef410844/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:48:38 GMT
Server: Apache
Location: http://fastdial.net/static/9701b
278ef410844/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.370. https://fastdial.net/static/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 29d95%0d%0af7e5336354e was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /29d95%0d%0af7e5336354e/scripts/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:16 GMT
Server: Apache
Location: http://fastdial.net/29d95
f7e5336354e/scripts/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.371. https://fastdial.net/static/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload bed67%0d%0afa79cf3e405 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/bed67%0d%0afa79cf3e405/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:34 GMT
Server: Apache
Location: http://fastdial.net/static/bed67
fa79cf3e405/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.372. https://fastdial.net/static/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9fe7e%0d%0a4eba70cac74 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/9fe7e%0d%0a4eba70cac74/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:46 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/9fe7e
4eba70cac74/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.373. https://fastdial.net/static/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload aa886%0d%0ab3169c9171a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/scripts/aa886%0d%0ab3169c9171a/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:33:03 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/scripts/aa886
b3169c9171a/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.374. https://fastdial.net/static/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a850d%0d%0a3b52250b923 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/scripts/images/a850d%0d%0a3b52250b923/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:33:18 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/scripts/images/a850d
3b52250b923/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.375. https://fastdial.net/static/scripts/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 73713%0d%0a8b061433e9b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /73713%0d%0a8b061433e9b/scripts/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:27 GMT
Server: Apache
Location: http://fastdial.net/73713
8b061433e9b/scripts/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.376. https://fastdial.net/static/scripts/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 89b51%0d%0a78a268445de was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/89b51%0d%0a78a268445de/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:42 GMT
Server: Apache
Location: http://fastdial.net/static/89b51
78a268445de/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.377. https://fastdial.net/static/scripts/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d0b71%0d%0a935e80d651a was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/d0b71%0d%0a935e80d651a/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:55 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/d0b71
935e80d651a/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.378. https://fastdial.net/static/scripts/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7ab82%0d%0a166377830de was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/scripts/7ab82%0d%0a166377830de/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:33:10 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/scripts/7ab82
166377830de/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.379. https://fastdial.net/static/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a7aac%0d%0a2f02a3af2cc was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a7aac%0d%0a2f02a3af2cc/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:48:27 GMT
Server: Apache
Location: http://fastdial.net/a7aac
2f02a3af2cc/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.380. https://fastdial.net/static/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload adfe7%0d%0a084b95266e7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/adfe7%0d%0a084b95266e7/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:48:45 GMT
Server: Apache
Location: http://fastdial.net/static/adfe7
084b95266e7/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.381. https://fastdial.net/static/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d8b50%0d%0a12409491ff7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/d8b50%0d%0a12409491ff7/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:48:57 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/d8b50
12409491ff7/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.382. https://fastdial.net/static/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f9868%0d%0a48a881c9643 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f9868%0d%0a48a881c9643/scripts/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:10 GMT
Server: Apache
Location: http://fastdial.net/f9868
48a881c9643/scripts/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.383. https://fastdial.net/static/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 508d1%0d%0ac6c264e5f52 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/508d1%0d%0ac6c264e5f52/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:27 GMT
Server: Apache
Location: http://fastdial.net/static/508d1
c6c264e5f52/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.384. https://fastdial.net/static/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 2bb9f%0d%0ab494c9a8b22 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/2bb9f%0d%0ab494c9a8b22/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:43 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/2bb9f
b494c9a8b22/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.385. https://fastdial.net/static/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 66032%0d%0aab92292b0b0 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/scripts/66032%0d%0aab92292b0b0/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:53 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/scripts/66032
ab92292b0b0/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.386. https://fastdial.net/static/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c2eaa%0d%0a07d581cfd9c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c2eaa%0d%0a07d581cfd9c/scripts/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:31:10 GMT
Server: Apache
Location: http://fastdial.net/c2eaa
07d581cfd9c/scripts/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.387. https://fastdial.net/static/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d65a0%0d%0a745dac714b4 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d65a0%0d%0a745dac714b4/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:31:23 GMT
Server: Apache
Location: http://fastdial.net/static/d65a0
745dac714b4/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.388. https://fastdial.net/static/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 56752%0d%0afb465139ff7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/56752%0d%0afb465139ff7/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:31:34 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/56752
fb465139ff7/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.389. https://fastdial.net/static/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7276e%0d%0acbffedee502 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/scripts/7276e%0d%0acbffedee502/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:31:53 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/scripts/7276e
cbffedee502/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.390. https://fastdial.net/static/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 12c81%0d%0a47569a757b4 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/scripts/styles/12c81%0d%0a47569a757b4/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:09 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/scripts/styles/12c81
47569a757b4/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.391. https://fastdial.net/static/scripts/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 45afa%0d%0a5b0ef223ed3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /45afa%0d%0a5b0ef223ed3/scripts/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:31:49 GMT
Server: Apache
Location: http://fastdial.net/45afa
5b0ef223ed3/scripts/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.392. https://fastdial.net/static/scripts/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 96464%0d%0aa723879a1b9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/96464%0d%0aa723879a1b9/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:05 GMT
Server: Apache
Location: http://fastdial.net/static/96464
a723879a1b9/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.393. https://fastdial.net/static/scripts/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d17b3%0d%0a9fe41e93725 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/d17b3%0d%0a9fe41e93725/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:20 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/d17b3
9fe41e93725/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.394. https://fastdial.net/static/scripts/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b5fab%0d%0a410e9e7b20b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/scripts/b5fab%0d%0a410e9e7b20b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:32:34 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/scripts/b5fab
410e9e7b20b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.395. https://fastdial.net/static/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 4c14b%0d%0a06ce11cd390 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /4c14b%0d%0a06ce11cd390/scripts/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:11:27 GMT
Server: Apache
Location: http://fastdial.net/4c14b
06ce11cd390/scripts/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.396. https://fastdial.net/static/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d6a6a%0d%0a2e59a49f094 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d6a6a%0d%0a2e59a49f094/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:13:43 GMT
Server: Apache
Location: http://fastdial.net/static/d6a6a
2e59a49f094/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.397. https://fastdial.net/static/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 47b9f%0d%0a9673c438105 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/47b9f%0d%0a9673c438105/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:13:56 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/47b9f
9673c438105/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.398. https://fastdial.net/static/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5347e%0d%0af89beb6f909 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/5347e%0d%0af89beb6f909/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:10 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/5347e
f89beb6f909/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.399. https://fastdial.net/static/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 38f6d%0d%0aefb76c3b95b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/38f6d%0d%0aefb76c3b95b/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:28 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/38f6d
efb76c3b95b/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.400. https://fastdial.net/static/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 4fd67%0d%0a793e1109143 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/images/4fd67%0d%0a793e1109143/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:37 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/images/4fd67
793e1109143/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.401. https://fastdial.net/static/scripts/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a7d80%0d%0a0b67d0c6cb1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a7d80%0d%0a0b67d0c6cb1/scripts/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:11:40 GMT
Server: Apache
Location: http://fastdial.net/a7d80
0b67d0c6cb1/scripts/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.402. https://fastdial.net/static/scripts/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload eb2f5%0d%0aed16bf16322 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/eb2f5%0d%0aed16bf16322/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:13:43 GMT
Server: Apache
Location: http://fastdial.net/static/eb2f5
ed16bf16322/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.403. https://fastdial.net/static/scripts/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9476e%0d%0a5995bd7a4eb was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/9476e%0d%0a5995bd7a4eb/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:13:56 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/9476e
5995bd7a4eb/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.404. https://fastdial.net/static/scripts/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 49d59%0d%0af64aba5e5a2 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/49d59%0d%0af64aba5e5a2/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:10 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/49d59
f64aba5e5a2/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.405. https://fastdial.net/static/scripts/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 8704f%0d%0a5159edf364d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/8704f%0d%0a5159edf364d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:24 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/8704f
5159edf364d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.406. https://fastdial.net/static/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 354c0%0d%0afd4b23f0c2a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /354c0%0d%0afd4b23f0c2a/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:44:16 GMT
Server: Apache
Location: http://fastdial.net/354c0
fd4b23f0c2a/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.407. https://fastdial.net/static/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b8c84%0d%0af4f04f17c48 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b8c84%0d%0af4f04f17c48/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:44:28 GMT
Server: Apache
Location: http://fastdial.net/static/b8c84
f4f04f17c48/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.408. https://fastdial.net/static/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 8b869%0d%0a6a09b427d16 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/8b869%0d%0a6a09b427d16/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:44:46 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/8b869
6a09b427d16/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.409. https://fastdial.net/static/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 23c6f%0d%0afdcbe863121 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/23c6f%0d%0afdcbe863121/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:45:20 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/23c6f
fdcbe863121/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.410. https://fastdial.net/static/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 419a2%0d%0af9bce23397a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /419a2%0d%0af9bce23397a/scripts/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:02 GMT
Server: Apache
Location: http://fastdial.net/419a2
f9bce23397a/scripts/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.411. https://fastdial.net/static/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8cc88%0d%0af4579fb1c14 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8cc88%0d%0af4579fb1c14/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:20 GMT
Server: Apache
Location: http://fastdial.net/static/8cc88
f4579fb1c14/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.412. https://fastdial.net/static/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 44617%0d%0a4d909154af2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/44617%0d%0a4d909154af2/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:49 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/44617
4d909154af2/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.413. https://fastdial.net/static/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 83898%0d%0a5d79a98f570 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/83898%0d%0a5d79a98f570/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:09:25 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/83898
5d79a98f570/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.414. https://fastdial.net/static/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5e614%0d%0af342fc76150 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/5e614%0d%0af342fc76150/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:09:44 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/5e614
f342fc76150/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.415. https://fastdial.net/static/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5e099%0d%0a9a699332cb9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5e099%0d%0a9a699332cb9/scripts/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:03:15 GMT
Server: Apache
Location: http://fastdial.net/5e099
9a699332cb9/scripts/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.416. https://fastdial.net/static/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1e472%0d%0a8dd03d61e4d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1e472%0d%0a8dd03d61e4d/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:04:33 GMT
Server: Apache
Location: http://fastdial.net/static/1e472
8dd03d61e4d/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.417. https://fastdial.net/static/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5c87a%0d%0ac51382f4ee2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/5c87a%0d%0ac51382f4ee2/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:04:50 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/5c87a
c51382f4ee2/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.418. https://fastdial.net/static/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6d12f%0d%0a4ead5e1f6df was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/6d12f%0d%0a4ead5e1f6df/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:08 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/6d12f
4ead5e1f6df/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.419. https://fastdial.net/static/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 19638%0d%0a90c8e9056d8 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/19638%0d%0a90c8e9056d8/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:22 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/19638
90c8e9056d8/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.420. https://fastdial.net/static/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7a9e8%0d%0a07bf7067427 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/styles/7a9e8%0d%0a07bf7067427/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:32 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/styles/7a9e8
07bf7067427/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.421. https://fastdial.net/static/scripts/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b5a8c%0d%0abd7e64d5ac9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b5a8c%0d%0abd7e64d5ac9/scripts/styles/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:07:51 GMT
Server: Apache
Location: http://fastdial.net/b5a8c
bd7e64d5ac9/scripts/styles/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.422. https://fastdial.net/static/scripts/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7cf08%0d%0a57cab17d044 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7cf08%0d%0a57cab17d044/styles/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:03 GMT
Server: Apache
Location: http://fastdial.net/static/7cf08
57cab17d044/styles/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.423. https://fastdial.net/static/scripts/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 7f0ea%0d%0a7ef0fda7f3f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/7f0ea%0d%0a7ef0fda7f3f/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:13 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/7f0ea
7ef0fda7f3f/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.424. https://fastdial.net/static/scripts/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload eb59e%0d%0a368baab002 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/eb59e%0d%0a368baab002/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:30 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/eb59e
368baab002/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.425. https://fastdial.net/static/scripts/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 34d60%0d%0a9e8a13ca2c1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/34d60%0d%0a9e8a13ca2c1/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:53 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/34d60
9e8a13ca2c1/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.426. https://fastdial.net/static/scripts/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload beffe%0d%0a1aede6ca8ec was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/styles/beffe%0d%0a1aede6ca8ec/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:09:21 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/styles/beffe
1aede6ca8ec/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.427. https://fastdial.net/static/scripts/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 4982c%0d%0a00a9c969c11 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/styles/images/4982c%0d%0a00a9c969c11/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:09:35 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/styles/images/4982c
00a9c969c11/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.428. https://fastdial.net/static/scripts/styles/common/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3961b%0d%0ae5c9bd6d254 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3961b%0d%0ae5c9bd6d254/scripts/styles/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:07:59 GMT
Server: Apache
Location: http://fastdial.net/3961b
e5c9bd6d254/scripts/styles/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.429. https://fastdial.net/static/scripts/styles/common/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c507e%0d%0ae40c4255e5a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c507e%0d%0ae40c4255e5a/styles/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:09 GMT
Server: Apache
Location: http://fastdial.net/static/c507e
e40c4255e5a/styles/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.430. https://fastdial.net/static/scripts/styles/common/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 89d16%0d%0a84e1a1ebed2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/89d16%0d%0a84e1a1ebed2/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:26 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/89d16
84e1a1ebed2/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.431. https://fastdial.net/static/scripts/styles/common/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1f07f%0d%0a40b5ef2281d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/1f07f%0d%0a40b5ef2281d/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:46 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/1f07f
40b5ef2281d/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.432. https://fastdial.net/static/scripts/styles/common/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c231f%0d%0a2c17331f187 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/c231f%0d%0a2c17331f187/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:09:00 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/c231f
2c17331f187/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.433. https://fastdial.net/static/scripts/styles/common/styles/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload da091%0d%0a10224265854 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/styles/da091%0d%0a10224265854/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:09:25 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/styles/da091
10224265854/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.434. https://fastdial.net/static/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5786c%0d%0a7d5f1a91985 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5786c%0d%0a7d5f1a91985/scripts/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:43:59 GMT
Server: Apache
Location: http://fastdial.net/5786c
7d5f1a91985/scripts/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.435. https://fastdial.net/static/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ff5ce%0d%0ae7a865f2bb1 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ff5ce%0d%0ae7a865f2bb1/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:44:15 GMT
Server: Apache
Location: http://fastdial.net/static/ff5ce
e7a865f2bb1/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.436. https://fastdial.net/static/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d5d58%0d%0a23f8f4895c0 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/d5d58%0d%0a23f8f4895c0/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:44:27 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/d5d58
23f8f4895c0/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.437. https://fastdial.net/static/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 39d2a%0d%0ae194e29613d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/39d2a%0d%0ae194e29613d/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:44:46 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/39d2a
e194e29613d/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.438. https://fastdial.net/static/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1800e%0d%0aeab93520cac was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/1800e%0d%0aeab93520cac/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:45:21 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/1800e
eab93520cac/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.439. https://fastdial.net/static/scripts/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 37695%0d%0a022540967cd was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /37695%0d%0a022540967cd/scripts/styles/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:07:39 GMT
Server: Apache
Location: http://fastdial.net/37695
022540967cd/scripts/styles/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.440. https://fastdial.net/static/scripts/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1f188%0d%0a17bca652446 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1f188%0d%0a17bca652446/styles/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:03 GMT
Server: Apache
Location: http://fastdial.net/static/1f188
17bca652446/styles/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.441. https://fastdial.net/static/scripts/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d0360%0d%0acc85e20822e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/d0360%0d%0acc85e20822e/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:16 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/d0360
cc85e20822e/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.442. https://fastdial.net/static/scripts/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2d314%0d%0a5cc912f8f11 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/2d314%0d%0a5cc912f8f11/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:30 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/2d314
5cc912f8f11/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.443. https://fastdial.net/static/scripts/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2b121%0d%0a3136534c54 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/2b121%0d%0a3136534c54/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:42 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/2b121
3136534c54/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.444. https://fastdial.net/static/scripts/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 82623%0d%0a6071cb032a4 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/styles/82623%0d%0a6071cb032a4/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:09:17 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/styles/82623
6071cb032a4/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.445. https://fastdial.net/static/scripts/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 45e95%0d%0a1fcd613b619 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /45e95%0d%0a1fcd613b619/scripts/styles/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:03:34 GMT
Server: Apache
Location: http://fastdial.net/45e95
1fcd613b619/scripts/styles/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.446. https://fastdial.net/static/scripts/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e79cb%0d%0a0c6247b8d2d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e79cb%0d%0a0c6247b8d2d/styles/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:04:33 GMT
Server: Apache
Location: http://fastdial.net/static/e79cb
0c6247b8d2d/styles/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.447. https://fastdial.net/static/scripts/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload fa1d2%0d%0afaae64d640c was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/fa1d2%0d%0afaae64d640c/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:04:58 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/fa1d2
faae64d640c/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.448. https://fastdial.net/static/scripts/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 147f0%0d%0acf9eb02d3c6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/147f0%0d%0acf9eb02d3c6/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:12 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/147f0
cf9eb02d3c6/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.449. https://fastdial.net/static/scripts/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 44e0c%0d%0a91ceb0df029 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/44e0c%0d%0a91ceb0df029/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:32 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/44e0c
91ceb0df029/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.450. https://fastdial.net/static/scripts/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload f7f38%0d%0aacac4e1de74 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/styles/f7f38%0d%0aacac4e1de74/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:46 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/styles/f7f38
acac4e1de74/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.451. https://fastdial.net/static/scripts/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 9004d%0d%0a18908ea2c24 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/styles/styles/9004d%0d%0a18908ea2c24/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:06:04 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/styles/styles/9004d
18908ea2c24/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.452. https://fastdial.net/static/scripts/styles/common/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 59faa%0d%0a31c7f6a02c1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /59faa%0d%0a31c7f6a02c1/scripts/styles/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:07:18 GMT
Server: Apache
Location: http://fastdial.net/59faa
31c7f6a02c1/scripts/styles/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.453. https://fastdial.net/static/scripts/styles/common/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8eb2c%0d%0a8cd4c98d1ca was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8eb2c%0d%0a8cd4c98d1ca/styles/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:03 GMT
Server: Apache
Location: http://fastdial.net/static/8eb2c
8cd4c98d1ca/styles/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.454. https://fastdial.net/static/scripts/styles/common/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 53339%0d%0a5b44f7ef0f3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/53339%0d%0a5b44f7ef0f3/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:16 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/53339
5b44f7ef0f3/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.455. https://fastdial.net/static/scripts/styles/common/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6ebd0%0d%0a1813bca2e12 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/6ebd0%0d%0a1813bca2e12/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:08:26 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/6ebd0
1813bca2e12/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.456. https://fastdial.net/static/scripts/styles/common/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 7f2e4%0d%0a494aca2cf8e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/7f2e4%0d%0a494aca2cf8e/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:09:20 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/7f2e4
494aca2cf8e/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.457. https://fastdial.net/static/scripts/styles/common/styles/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 5f296%0d%0add6ada24dfe was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/common/styles/5f296%0d%0add6ada24dfe/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:09:31 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/common/styles/5f296
dd6ada24dfe/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.458. https://fastdial.net/static/scripts/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 34271%0d%0ab6bae809073 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /34271%0d%0ab6bae809073/scripts/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:25:33 GMT
Server: Apache
Location: http://fastdial.net/34271
b6bae809073/scripts/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.459. https://fastdial.net/static/scripts/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload dca75%0d%0a5e0d7c107cf was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/dca75%0d%0a5e0d7c107cf/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:25:47 GMT
Server: Apache
Location: http://fastdial.net/static/dca75
5e0d7c107cf/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.460. https://fastdial.net/static/scripts/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bc2c0%0d%0a54a5d2c5758 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/bc2c0%0d%0a54a5d2c5758/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:25:59 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/bc2c0
54a5d2c5758/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.461. https://fastdial.net/static/scripts/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 31735%0d%0a2abdd57a27c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/31735%0d%0a2abdd57a27c/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:14 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/31735
2abdd57a27c/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.462. https://fastdial.net/static/scripts/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6cc45%0d%0a3e35c1d42d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/6cc45%0d%0a3e35c1d42d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:24 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/6cc45
3e35c1d42d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.463. https://fastdial.net/static/scripts/styles/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 40010%0d%0ab9c4135c411 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /40010%0d%0ab9c4135c411/scripts/styles/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:24:54 GMT
Server: Apache
Location: http://fastdial.net/40010
b9c4135c411/scripts/styles/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.464. https://fastdial.net/static/scripts/styles/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5213a%0d%0abbed578aa0e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5213a%0d%0abbed578aa0e/styles/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:25:04 GMT
Server: Apache
Location: http://fastdial.net/static/5213a
bbed578aa0e/styles/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.465. https://fastdial.net/static/scripts/styles/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 31d8a%0d%0a0551c598629 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/31d8a%0d%0a0551c598629/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:25:53 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/31d8a
0551c598629/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.466. https://fastdial.net/static/scripts/styles/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 56588%0d%0a5ffab6be36b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/56588%0d%0a5ffab6be36b/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:07 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/56588
5ffab6be36b/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.467. https://fastdial.net/static/scripts/styles/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3753b%0d%0a0b8026cb544 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/3753b%0d%0a0b8026cb544/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:18 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/3753b
0b8026cb544/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.468. https://fastdial.net/static/scripts/styles/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload cedc8%0d%0ada5d55a9403 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/common/cedc8%0d%0ada5d55a9403/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:32 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/common/cedc8
da5d55a9403/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.469. https://fastdial.net/static/scripts/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ecd46%0d%0af903c189add was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ecd46%0d%0af903c189add/scripts/styles/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:24:21 GMT
Server: Apache
Location: http://fastdial.net/ecd46
f903c189add/scripts/styles/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.470. https://fastdial.net/static/scripts/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d2aff%0d%0a36cad702f62 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d2aff%0d%0a36cad702f62/styles/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:25:53 GMT
Server: Apache
Location: http://fastdial.net/static/d2aff
36cad702f62/styles/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.471. https://fastdial.net/static/scripts/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c78d5%0d%0a87868a83112 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/c78d5%0d%0a87868a83112/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:06 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/c78d5
87868a83112/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.472. https://fastdial.net/static/scripts/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 14162%0d%0a53a9d42a310 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/14162%0d%0a53a9d42a310/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:18 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/14162
53a9d42a310/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.473. https://fastdial.net/static/scripts/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 51e39%0d%0a65bd75de9c5 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/51e39%0d%0a65bd75de9c5/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:39 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/51e39
65bd75de9c5/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.474. https://fastdial.net/static/scripts/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a7e2b%0d%0a49352dd8be0 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/common/a7e2b%0d%0a49352dd8be0/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:56 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/common/a7e2b
49352dd8be0/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.475. https://fastdial.net/static/scripts/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload a4a90%0d%0a1e9b31ad8f2 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/common/styles/a4a90%0d%0a1e9b31ad8f2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:27:12 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/common/styles/a4a90
1e9b31ad8f2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.476. https://fastdial.net/static/scripts/styles/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 677d5%0d%0ae7d89cf0ccb was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /677d5%0d%0ae7d89cf0ccb/scripts/styles/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:24:26 GMT
Server: Apache
Location: http://fastdial.net/677d5
e7d89cf0ccb/scripts/styles/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.477. https://fastdial.net/static/scripts/styles/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 27c6c%0d%0a76f7591f459 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/27c6c%0d%0a76f7591f459/styles/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:24:40 GMT
Server: Apache
Location: http://fastdial.net/static/27c6c
76f7591f459/styles/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.478. https://fastdial.net/static/scripts/styles/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 4090c%0d%0a3f76169e757 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/4090c%0d%0a3f76169e757/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:24:50 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/4090c
3f76169e757/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.479. https://fastdial.net/static/scripts/styles/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 985fe%0d%0ab27ea1a6fb6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/985fe%0d%0ab27ea1a6fb6/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:25:53 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/985fe
b27ea1a6fb6/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.480. https://fastdial.net/static/scripts/styles/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4c1b8%0d%0a656d9b5c520 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/4c1b8%0d%0a656d9b5c520/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:06 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/4c1b8
656d9b5c520/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.481. https://fastdial.net/static/scripts/styles/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 19306%0d%0ae7d6281bbc0 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/common/19306%0d%0ae7d6281bbc0/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:17 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/common/19306
e7d6281bbc0/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.482. https://fastdial.net/static/scripts/styles/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 354bd%0d%0a5a008b0ef42 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /354bd%0d%0a5a008b0ef42/scripts/styles/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:22 GMT
Server: Apache
Location: http://fastdial.net/354bd
5a008b0ef42/scripts/styles/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.483. https://fastdial.net/static/scripts/styles/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 20bee%0d%0af2f3e17153 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/20bee%0d%0af2f3e17153/styles/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:34 GMT
Server: Apache
Location: http://fastdial.net/static/20bee
f2f3e17153/styles/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.484. https://fastdial.net/static/scripts/styles/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5482a%0d%0a3c066c6dba7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/5482a%0d%0a3c066c6dba7/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:44 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/5482a
3c066c6dba7/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.485. https://fastdial.net/static/scripts/styles/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4ded1%0d%0a056a14300c9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/4ded1%0d%0a056a14300c9/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:57 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/4ded1
056a14300c9/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.486. https://fastdial.net/static/scripts/styles/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload d4a85%0d%0a1edf2fb33a4 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/d4a85%0d%0a1edf2fb33a4/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:30:15 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/d4a85
1edf2fb33a4/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.487. https://fastdial.net/static/scripts/styles/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 5553b%0d%0affa44d037f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/images/5553b%0d%0affa44d037f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:30:30 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/images/5553b
ffa44d037f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.488. https://fastdial.net/static/scripts/styles/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 701d6%0d%0ae59e4ad98f2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /701d6%0d%0ae59e4ad98f2/scripts/styles/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:30:27 GMT
Server: Apache
Location: http://fastdial.net/701d6
e59e4ad98f2/scripts/styles/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.489. https://fastdial.net/static/scripts/styles/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a983b%0d%0a958f1fee29a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a983b%0d%0a958f1fee29a/styles/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:30:48 GMT
Server: Apache
Location: http://fastdial.net/static/a983b
958f1fee29a/styles/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.490. https://fastdial.net/static/scripts/styles/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ad57f%0d%0a81f03d67303 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/ad57f%0d%0a81f03d67303/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:31:01 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/ad57f
81f03d67303/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.491. https://fastdial.net/static/scripts/styles/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c9861%0d%0a517f21928e0 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/c9861%0d%0a517f21928e0/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:31:15 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/c9861
517f21928e0/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.492. https://fastdial.net/static/scripts/styles/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e0967%0d%0a64b1acc322a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/e0967%0d%0a64b1acc322a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:31:26 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/e0967
64b1acc322a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.493. https://fastdial.net/static/scripts/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 14655%0d%0a4287ed9ce2b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /14655%0d%0a4287ed9ce2b/scripts/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:47:51 GMT
Server: Apache
Location: http://fastdial.net/14655
4287ed9ce2b/scripts/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.494. https://fastdial.net/static/scripts/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2a17e%0d%0af9982db2b68 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2a17e%0d%0af9982db2b68/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:48:07 GMT
Server: Apache
Location: http://fastdial.net/static/2a17e
f9982db2b68/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.495. https://fastdial.net/static/scripts/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload def35%0d%0a0205515389b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/def35%0d%0a0205515389b/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:48:22 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/def35
0205515389b/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.496. https://fastdial.net/static/scripts/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c5db5%0d%0ae7d28e6c1a5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/c5db5%0d%0ae7d28e6c1a5/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:48:42 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/c5db5
e7d28e6c1a5/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.497. https://fastdial.net/static/scripts/styles/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3953b%0d%0a1c4b2d3044a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3953b%0d%0a1c4b2d3044a/scripts/styles/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:15 GMT
Server: Apache
Location: http://fastdial.net/3953b
1c4b2d3044a/scripts/styles/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.498. https://fastdial.net/static/scripts/styles/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload da9a9%0d%0a98a8048f4bd was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/da9a9%0d%0a98a8048f4bd/styles/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:31 GMT
Server: Apache
Location: http://fastdial.net/static/da9a9
98a8048f4bd/styles/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.499. https://fastdial.net/static/scripts/styles/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5116d%0d%0aa8b243441d3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/5116d%0d%0aa8b243441d3/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:41 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/5116d
a8b243441d3/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.500. https://fastdial.net/static/scripts/styles/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 350a3%0d%0a73d9ef8b6ba was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/350a3%0d%0a73d9ef8b6ba/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:57 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/350a3
73d9ef8b6ba/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.501. https://fastdial.net/static/scripts/styles/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f1a30%0d%0a490e50769e3 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/f1a30%0d%0a490e50769e3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:30:11 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/f1a30
490e50769e3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.502. https://fastdial.net/static/scripts/styles/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2973a%0d%0ab9b5bb0a00c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2973a%0d%0ab9b5bb0a00c/scripts/styles/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:28:35 GMT
Server: Apache
Location: http://fastdial.net/2973a
b9b5bb0a00c/scripts/styles/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.503. https://fastdial.net/static/scripts/styles/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1149b%0d%0aefa85773377 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1149b%0d%0aefa85773377/styles/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:28:49 GMT
Server: Apache
Location: http://fastdial.net/static/1149b
efa85773377/styles/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.504. https://fastdial.net/static/scripts/styles/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 88cd2%0d%0a5cb48254e38 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/88cd2%0d%0a5cb48254e38/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:01 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/88cd2
5cb48254e38/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.505. https://fastdial.net/static/scripts/styles/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6bd78%0d%0aa611abf279a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/6bd78%0d%0aa611abf279a/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:18 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/6bd78
a611abf279a/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.506. https://fastdial.net/static/scripts/styles/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 44959%0d%0a925ad4200f7 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/44959%0d%0a925ad4200f7/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:31 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/44959
925ad4200f7/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.507. https://fastdial.net/static/scripts/styles/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 6e810%0d%0af78ed9315fb was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/styles/6e810%0d%0af78ed9315fb/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:45 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/styles/6e810
f78ed9315fb/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.508. https://fastdial.net/static/scripts/styles/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3267e%0d%0a42fc5f6f211 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3267e%0d%0a42fc5f6f211/scripts/styles/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:08 GMT
Server: Apache
Location: http://fastdial.net/3267e
42fc5f6f211/scripts/styles/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.509. https://fastdial.net/static/scripts/styles/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 79154%0d%0a7e713f6b436 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/79154%0d%0a7e713f6b436/styles/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:18 GMT
Server: Apache
Location: http://fastdial.net/static/79154
7e713f6b436/styles/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.510. https://fastdial.net/static/scripts/styles/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1b16a%0d%0a23bc76aa6b7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/1b16a%0d%0a23bc76aa6b7/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:34 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/1b16a
23bc76aa6b7/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.511. https://fastdial.net/static/scripts/styles/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 71932%0d%0ad7cfe8d24d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/71932%0d%0ad7cfe8d24d/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:44 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/71932
d7cfe8d24d/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.512. https://fastdial.net/static/scripts/styles/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c2ac2%0d%0a4f5934867c1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/images/c2ac2%0d%0a4f5934867c1/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:29:57 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/images/c2ac2
4f5934867c1/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.513. https://fastdial.net/static/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 181eb%0d%0a458a3e0a65f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /181eb%0d%0a458a3e0a65f/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:47:05 GMT
Server: Apache
Location: http://fastdial.net/181eb
458a3e0a65f/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.514. https://fastdial.net/static/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7ea70%0d%0a0f9444a4d68 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7ea70%0d%0a0f9444a4d68/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:47:22 GMT
Server: Apache
Location: http://fastdial.net/static/7ea70
0f9444a4d68/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.515. https://fastdial.net/static/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 8dd3f%0d%0a3e16c5fe2c8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/8dd3f%0d%0a3e16c5fe2c8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:47:37 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/8dd3f
3e16c5fe2c8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.516. https://fastdial.net/static/scripts/styles/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 21b3c%0d%0ae1438edb341 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /21b3c%0d%0ae1438edb341/scripts/styles/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:23:12 GMT
Server: Apache
Location: http://fastdial.net/21b3c
e1438edb341/scripts/styles/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.517. https://fastdial.net/static/scripts/styles/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c05cc%0d%0ac4842dd1752 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c05cc%0d%0ac4842dd1752/styles/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:23:26 GMT
Server: Apache
Location: http://fastdial.net/static/c05cc
c4842dd1752/styles/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.518. https://fastdial.net/static/scripts/styles/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload cc9f1%0d%0a19ebc14e807 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/cc9f1%0d%0a19ebc14e807/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:25:53 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/cc9f1
19ebc14e807/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.519. https://fastdial.net/static/scripts/styles/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 46467%0d%0a5ae0e48e0e4 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/46467%0d%0a5ae0e48e0e4/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:07 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/46467
5ae0e48e0e4/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.520. https://fastdial.net/static/scripts/styles/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 40a2e%0d%0a61c22ec4d09 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/scripts/40a2e%0d%0a61c22ec4d09/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:19 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/scripts/40a2e
61c22ec4d09/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.521. https://fastdial.net/static/scripts/styles/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7474a%0d%0a2cb208d65f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/scripts/images/7474a%0d%0a2cb208d65f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:36 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/scripts/images/7474a
2cb208d65f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.522. https://fastdial.net/static/scripts/styles/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e2739%0d%0a6dbc8ebb21 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e2739%0d%0a6dbc8ebb21/scripts/styles/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:24:13 GMT
Server: Apache
Location: http://fastdial.net/e2739
6dbc8ebb21/scripts/styles/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.523. https://fastdial.net/static/scripts/styles/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7aba6%0d%0a0509eed8995 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7aba6%0d%0a0509eed8995/styles/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:24:25 GMT
Server: Apache
Location: http://fastdial.net/static/7aba6
0509eed8995/styles/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.524. https://fastdial.net/static/scripts/styles/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 6bcfb%0d%0a5d6b6467f7b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/6bcfb%0d%0a5d6b6467f7b/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:25:53 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/6bcfb
5d6b6467f7b/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.525. https://fastdial.net/static/scripts/styles/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5cd6e%0d%0ac48547cc602 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/5cd6e%0d%0ac48547cc602/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:05 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/5cd6e
c48547cc602/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.526. https://fastdial.net/static/scripts/styles/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2ed31%0d%0ac45f5c6675b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/scripts/2ed31%0d%0ac45f5c6675b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:26:16 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/scripts/2ed31
c45f5c6675b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.527. https://fastdial.net/static/scripts/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ee909%0d%0a954e1bb712b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ee909%0d%0a954e1bb712b/scripts/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:46:58 GMT
Server: Apache
Location: http://fastdial.net/ee909
954e1bb712b/scripts/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.528. https://fastdial.net/static/scripts/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ed474%0d%0a8e7fcbffcad was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ed474%0d%0a8e7fcbffcad/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:47:16 GMT
Server: Apache
Location: http://fastdial.net/static/ed474
8e7fcbffcad/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.529. https://fastdial.net/static/scripts/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a0531%0d%0a5f00ab32a54 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/a0531%0d%0a5f00ab32a54/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:47:27 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/a0531
5f00ab32a54/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.530. https://fastdial.net/static/scripts/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload cb61a%0d%0aaa9d083ff0 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/cb61a%0d%0aaa9d083ff0/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:47:45 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/cb61a
aa9d083ff0/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.531. https://fastdial.net/static/scripts/styles/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3e756%0d%0adc8caf6a4fa was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3e756%0d%0adc8caf6a4fa/scripts/styles/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:07 GMT
Server: Apache
Location: http://fastdial.net/3e756
dc8caf6a4fa/scripts/styles/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.532. https://fastdial.net/static/scripts/styles/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8ec1e%0d%0ab17014e3bbc was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8ec1e%0d%0ab17014e3bbc/styles/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:20 GMT
Server: Apache
Location: http://fastdial.net/static/8ec1e
b17014e3bbc/styles/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.533. https://fastdial.net/static/scripts/styles/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload fc632%0d%0afc59eeb6471 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/fc632%0d%0afc59eeb6471/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:37 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/fc632
fc59eeb6471/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.534. https://fastdial.net/static/scripts/styles/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a191f%0d%0a6edf4d1f20b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/a191f%0d%0a6edf4d1f20b/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:52 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/a191f
6edf4d1f20b/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.535. https://fastdial.net/static/scripts/styles/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4ae63%0d%0a234397ea8 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/scripts/4ae63%0d%0a234397ea8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:23:04 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/scripts/4ae63
234397ea8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.536. https://fastdial.net/static/scripts/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8f014%0d%0a384d390ccd was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /8f014%0d%0a384d390ccd/scripts/styles/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:21:39 GMT
Server: Apache
Location: http://fastdial.net/8f014
384d390ccd/scripts/styles/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.537. https://fastdial.net/static/scripts/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8cfb8%0d%0ac76cc83993e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8cfb8%0d%0ac76cc83993e/styles/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:21:55 GMT
Server: Apache
Location: http://fastdial.net/static/8cfb8
c76cc83993e/styles/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.538. https://fastdial.net/static/scripts/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 6f736%0d%0aa88a1c51573 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/6f736%0d%0aa88a1c51573/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:06 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/6f736
a88a1c51573/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.539. https://fastdial.net/static/scripts/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 44383%0d%0a4f164018e79 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/44383%0d%0a4f164018e79/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:23 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/44383
4f164018e79/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.540. https://fastdial.net/static/scripts/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 7799a%0d%0a18986328a2a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/scripts/7799a%0d%0a18986328a2a/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:34 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/scripts/7799a
18986328a2a/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.541. https://fastdial.net/static/scripts/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload eca48%0d%0ad40c7f7e9cc was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/scripts/styles/eca48%0d%0ad40c7f7e9cc/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:53 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/scripts/styles/eca48
d40c7f7e9cc/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.542. https://fastdial.net/static/scripts/styles/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 97250%0d%0a497cce6db3c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /97250%0d%0a497cce6db3c/scripts/styles/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:21:56 GMT
Server: Apache
Location: http://fastdial.net/97250
497cce6db3c/scripts/styles/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.543. https://fastdial.net/static/scripts/styles/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 47de8%0d%0ac4da7869eba was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/47de8%0d%0ac4da7869eba/styles/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:13 GMT
Server: Apache
Location: http://fastdial.net/static/47de8
c4da7869eba/styles/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.544. https://fastdial.net/static/scripts/styles/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ad98d%0d%0af28988190ea was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/ad98d%0d%0af28988190ea/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:27 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/ad98d
f28988190ea/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.545. https://fastdial.net/static/scripts/styles/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8d42a%0d%0a3397f4285c8 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/8d42a%0d%0a3397f4285c8/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:41 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/8d42a
3397f4285c8/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.546. https://fastdial.net/static/scripts/styles/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a1f19%0d%0ad2093d41f37 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/scripts/a1f19%0d%0ad2093d41f37/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:56 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/scripts/a1f19
d2093d41f37/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.547. https://fastdial.net/static/scripts/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c99b5%0d%0a99ba5df04f1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c99b5%0d%0a99ba5df04f1/scripts/styles/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:16:53 GMT
Server: Apache
Location: http://fastdial.net/c99b5
99ba5df04f1/scripts/styles/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.548. https://fastdial.net/static/scripts/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f9ec6%0d%0a8729ebe2433 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f9ec6%0d%0a8729ebe2433/styles/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:17:37 GMT
Server: Apache
Location: http://fastdial.net/static/f9ec6
8729ebe2433/styles/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.549. https://fastdial.net/static/scripts/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e11b2%0d%0aee68e508064 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/e11b2%0d%0aee68e508064/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:18:47 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/e11b2
ee68e508064/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.550. https://fastdial.net/static/scripts/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1f631%0d%0a87f587f52b5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/1f631%0d%0a87f587f52b5/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:19:00 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/1f631
87f587f52b5/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.551. https://fastdial.net/static/scripts/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f17fb%0d%0aafeeafdc1da was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/f17fb%0d%0aafeeafdc1da/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:19:15 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/f17fb
afeeafdc1da/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.552. https://fastdial.net/static/scripts/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload df1ec%0d%0a9f699143f34 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/common/df1ec%0d%0a9f699143f34/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:19:35 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/common/df1ec
9f699143f34/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.553. https://fastdial.net/static/scripts/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 27b20%0d%0a1d74b5008f was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/common/images/27b20%0d%0a1d74b5008f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:19:54 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/common/images/27b20
1d74b5008f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.554. https://fastdial.net/static/scripts/styles/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 412db%0d%0acc20c358f3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /412db%0d%0acc20c358f3/scripts/styles/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:16:49 GMT
Server: Apache
Location: http://fastdial.net/412db
cc20c358f3/scripts/styles/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.555. https://fastdial.net/static/scripts/styles/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload eb475%0d%0a4a65eff63b8 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/eb475%0d%0a4a65eff63b8/styles/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:17:05 GMT
Server: Apache
Location: http://fastdial.net/static/eb475
4a65eff63b8/styles/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.556. https://fastdial.net/static/scripts/styles/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 26896%0d%0a0fb50f63498 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/26896%0d%0a0fb50f63498/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:17:35 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/26896
0fb50f63498/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.557. https://fastdial.net/static/scripts/styles/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5bdeb%0d%0a46b66a93c55 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/5bdeb%0d%0a46b66a93c55/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:17:46 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/5bdeb
46b66a93c55/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.558. https://fastdial.net/static/scripts/styles/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f3b8c%0d%0a7a206a4717e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/f3b8c%0d%0a7a206a4717e/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:18:27 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/f3b8c
7a206a4717e/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.559. https://fastdial.net/static/scripts/styles/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 19938%0d%0a3f97c4b9ff was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/common/19938%0d%0a3f97c4b9ff/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:18:43 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/common/19938
3f97c4b9ff/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.560. https://fastdial.net/static/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6c8ca%0d%0a493880aa21e was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6c8ca%0d%0a493880aa21e/scripts/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:44:52 GMT
Server: Apache
Location: http://fastdial.net/6c8ca
493880aa21e/scripts/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.561. https://fastdial.net/static/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 86976%0d%0a8a497b24bd6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/86976%0d%0a8a497b24bd6/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:45:34 GMT
Server: Apache
Location: http://fastdial.net/static/86976
8a497b24bd6/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.562. https://fastdial.net/static/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b784f%0d%0aee4f1bc2928 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/b784f%0d%0aee4f1bc2928/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:45:46 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/b784f
ee4f1bc2928/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.563. https://fastdial.net/static/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a0fca%0d%0af798b33c7e2 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/a0fca%0d%0af798b33c7e2/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:46:00 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/a0fca
f798b33c7e2/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.564. https://fastdial.net/static/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 73f93%0d%0a42e8c358f4f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/73f93%0d%0a42e8c358f4f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:46:16 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/73f93
42e8c358f4f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.565. https://fastdial.net/static/scripts/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5bc62%0d%0aea5db158d18 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5bc62%0d%0aea5db158d18/scripts/styles/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:11:48 GMT
Server: Apache
Location: http://fastdial.net/5bc62
ea5db158d18/scripts/styles/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.566. https://fastdial.net/static/scripts/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6b4c8%0d%0a66e3e9b8b5d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6b4c8%0d%0a66e3e9b8b5d/styles/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:13:38 GMT
Server: Apache
Location: http://fastdial.net/static/6b4c8
66e3e9b8b5d/styles/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.567. https://fastdial.net/static/scripts/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload aaa89%0d%0a6296f86b670 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/aaa89%0d%0a6296f86b670/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:13:50 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/aaa89
6296f86b670/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.568. https://fastdial.net/static/scripts/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 90a09%0d%0a4cf87e29fe3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/90a09%0d%0a4cf87e29fe3/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:04 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/90a09
4cf87e29fe3/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.569. https://fastdial.net/static/scripts/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 8020e%0d%0aef62b66aa1b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/8020e%0d%0aef62b66aa1b/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:20 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/8020e
ef62b66aa1b/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.570. https://fastdial.net/static/scripts/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1068c%0d%0a4f1b2adfd8f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/common/1068c%0d%0a4f1b2adfd8f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:31 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/common/1068c
4f1b2adfd8f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.571. https://fastdial.net/static/scripts/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 937d4%0d%0acd01a617ebd was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /937d4%0d%0acd01a617ebd/scripts/styles/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:11:53 GMT
Server: Apache
Location: http://fastdial.net/937d4
cd01a617ebd/scripts/styles/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.572. https://fastdial.net/static/scripts/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a36a9%0d%0ab279a6db041 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a36a9%0d%0ab279a6db041/styles/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:13:42 GMT
Server: Apache
Location: http://fastdial.net/static/a36a9
b279a6db041/styles/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.573. https://fastdial.net/static/scripts/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 38b66%0d%0aa7005a5e0e1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/38b66%0d%0aa7005a5e0e1/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:13:55 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/38b66
a7005a5e0e1/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.574. https://fastdial.net/static/scripts/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2a273%0d%0a7277b3ad259 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/2a273%0d%0a7277b3ad259/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:08 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/2a273
7277b3ad259/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.575. https://fastdial.net/static/scripts/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6bf29%0d%0a20488a34522 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/6bf29%0d%0a20488a34522/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:31 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/6bf29
20488a34522/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.576. https://fastdial.net/static/scripts/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 40aee%0d%0a2474439fc77 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/common/40aee%0d%0a2474439fc77/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:45 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/common/40aee
2474439fc77/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.577. https://fastdial.net/static/scripts/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload b8fff%0d%0a3983f78fa37 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/common/styles/b8fff%0d%0a3983f78fa37/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:15:03 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/common/styles/b8fff
3983f78fa37/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.578. https://fastdial.net/static/scripts/styles/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 542f3%0d%0a9bdafa8ff0a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /542f3%0d%0a9bdafa8ff0a/scripts/styles/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:11:45 GMT
Server: Apache
Location: http://fastdial.net/542f3
9bdafa8ff0a/scripts/styles/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.579. https://fastdial.net/static/scripts/styles/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d3386%0d%0a7cf3ea8c3de was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d3386%0d%0a7cf3ea8c3de/styles/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:13:43 GMT
Server: Apache
Location: http://fastdial.net/static/d3386
7cf3ea8c3de/styles/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.580. https://fastdial.net/static/scripts/styles/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 92e79%0d%0ac9f0991f0bb was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/92e79%0d%0ac9f0991f0bb/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:13:56 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/92e79
c9f0991f0bb/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.581. https://fastdial.net/static/scripts/styles/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload ef90a%0d%0ae4d6bdfc100 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/ef90a%0d%0ae4d6bdfc100/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:14 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/ef90a
e4d6bdfc100/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.582. https://fastdial.net/static/scripts/styles/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1c348%0d%0a8e2792728e6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/1c348%0d%0a8e2792728e6/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:28 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/1c348
8e2792728e6/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.583. https://fastdial.net/static/scripts/styles/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 6b504%0d%0a91b3af83708 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/common/6b504%0d%0a91b3af83708/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:14:38 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/common/6b504
91b3af83708/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.584. https://fastdial.net/static/scripts/styles/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 63dfd%0d%0ad9e8f142083 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /63dfd%0d%0ad9e8f142083/scripts/styles/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:20:33 GMT
Server: Apache
Location: http://fastdial.net/63dfd
d9e8f142083/scripts/styles/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.585. https://fastdial.net/static/scripts/styles/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8e901%0d%0a0a14dc20d10 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8e901%0d%0a0a14dc20d10/styles/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:20:43 GMT
Server: Apache
Location: http://fastdial.net/static/8e901
0a14dc20d10/styles/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.586. https://fastdial.net/static/scripts/styles/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d5433%0d%0a8896bc31e34 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/d5433%0d%0a8896bc31e34/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:21:00 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/d5433
8896bc31e34/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.587. https://fastdial.net/static/scripts/styles/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5c1e0%0d%0aeb602be9557 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/5c1e0%0d%0aeb602be9557/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:21:14 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/5c1e0
eb602be9557/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.588. https://fastdial.net/static/scripts/styles/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b0631%0d%0af8d9a2d8395 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/b0631%0d%0af8d9a2d8395/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:21:28 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/b0631
f8d9a2d8395/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.589. https://fastdial.net/static/scripts/styles/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload e8358%0d%0ae7d15d6b40a was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/images/e8358%0d%0ae7d15d6b40a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:21:38 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/images/e8358
e7d15d6b40a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.590. https://fastdial.net/static/scripts/styles/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload d6aa0%0d%0ab285c855883 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /d6aa0%0d%0ab285c855883/scripts/styles/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:21:21 GMT
Server: Apache
Location: http://fastdial.net/d6aa0
b285c855883/scripts/styles/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.591. https://fastdial.net/static/scripts/styles/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 87424%0d%0a4d2be80b2e7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/87424%0d%0a4d2be80b2e7/styles/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:21:39 GMT
Server: Apache
Location: http://fastdial.net/static/87424
4d2be80b2e7/styles/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.592. https://fastdial.net/static/scripts/styles/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5074b%0d%0a6df18bb375a was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/5074b%0d%0a6df18bb375a/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:21:53 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/5074b
6df18bb375a/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.593. https://fastdial.net/static/scripts/styles/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 126f7%0d%0a1a041314213 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/126f7%0d%0a1a041314213/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:07 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/126f7
1a041314213/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.594. https://fastdial.net/static/scripts/styles/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ad734%0d%0a2c0b31b990f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/ad734%0d%0a2c0b31b990f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:22:22 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/ad734
2c0b31b990f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.595. https://fastdial.net/static/scripts/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 91535%0d%0a1081025ff5a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /91535%0d%0a1081025ff5a/scripts/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:45:48 GMT
Server: Apache
Location: http://fastdial.net/91535
1081025ff5a/scripts/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.596. https://fastdial.net/static/scripts/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 59db8%0d%0a6390d547e8 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/59db8%0d%0a6390d547e8/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:45:59 GMT
Server: Apache
Location: http://fastdial.net/static/59db8
6390d547e8/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.597. https://fastdial.net/static/scripts/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 12bf6%0d%0a8b1c2d77fe5 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/12bf6%0d%0a8b1c2d77fe5/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:46:18 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/12bf6
8b1c2d77fe5/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.598. https://fastdial.net/static/scripts/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload bea54%0d%0a495f57162b1 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/bea54%0d%0a495f57162b1/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:46:30 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/bea54
495f57162b1/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.599. https://fastdial.net/static/scripts/styles/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e0571%0d%0ab11c2b4d6ed was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e0571%0d%0ab11c2b4d6ed/scripts/styles/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:17:07 GMT
Server: Apache
Location: http://fastdial.net/e0571
b11c2b4d6ed/scripts/styles/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.600. https://fastdial.net/static/scripts/styles/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 27f69%0d%0a5cf84f5240c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/27f69%0d%0a5cf84f5240c/styles/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:18:33 GMT
Server: Apache
Location: http://fastdial.net/static/27f69
5cf84f5240c/styles/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.601. https://fastdial.net/static/scripts/styles/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e50dd%0d%0aaec28d28192 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/e50dd%0d%0aaec28d28192/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:18:45 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/e50dd
aec28d28192/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.602. https://fastdial.net/static/scripts/styles/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6a897%0d%0a92778f36175 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/6a897%0d%0a92778f36175/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:19:02 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/6a897
92778f36175/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.603. https://fastdial.net/static/scripts/styles/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5ca34%0d%0aee05dcd83e9 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/5ca34%0d%0aee05dcd83e9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:19:35 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/5ca34
ee05dcd83e9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.604. https://fastdial.net/static/scripts/styles/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 56387%0d%0aa987b91893f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /56387%0d%0aa987b91893f/scripts/styles/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:16:57 GMT
Server: Apache
Location: http://fastdial.net/56387
a987b91893f/scripts/styles/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.605. https://fastdial.net/static/scripts/styles/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6830c%0d%0af8808acb25a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6830c%0d%0af8808acb25a/styles/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:17:37 GMT
Server: Apache
Location: http://fastdial.net/static/6830c
f8808acb25a/styles/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.606. https://fastdial.net/static/scripts/styles/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a70e4%0d%0a0ff148c5628 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/a70e4%0d%0a0ff148c5628/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:18:48 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/a70e4
0ff148c5628/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.607. https://fastdial.net/static/scripts/styles/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7c591%0d%0acdbb0faa2ba was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/7c591%0d%0acdbb0faa2ba/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:19:00 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/7c591
cdbb0faa2ba/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.608. https://fastdial.net/static/scripts/styles/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ab389%0d%0ab911d4a98a0 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/ab389%0d%0ab911d4a98a0/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:19:39 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/ab389
b911d4a98a0/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.609. https://fastdial.net/static/scripts/styles/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload cc2f0%0d%0a92eb917e053 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/styles/cc2f0%0d%0a92eb917e053/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:19:50 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/styles/cc2f0
92eb917e053/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.610. https://fastdial.net/static/scripts/styles/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5e87b%0d%0a887d5fb9f0a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5e87b%0d%0a887d5fb9f0a/scripts/styles/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:17:01 GMT
Server: Apache
Location: http://fastdial.net/5e87b
887d5fb9f0a/scripts/styles/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.611. https://fastdial.net/static/scripts/styles/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5f531%0d%0a234e18b97d3 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5f531%0d%0a234e18b97d3/styles/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:17:38 GMT
Server: Apache
Location: http://fastdial.net/static/5f531
234e18b97d3/styles/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.612. https://fastdial.net/static/scripts/styles/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ed7be%0d%0a59453e87c7f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/ed7be%0d%0a59453e87c7f/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:18:47 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/ed7be
59453e87c7f/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.613. https://fastdial.net/static/scripts/styles/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 31c53%0d%0af412f0d7672 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/31c53%0d%0af412f0d7672/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:19:00 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/31c53
f412f0d7672/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.614. https://fastdial.net/static/scripts/styles/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/scripts/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1798b%0d%0a05057b1b3f9 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/scripts/styles/styles/1798b%0d%0a05057b1b3f9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:19:39 GMT
Server: Apache
Location: http://fastdial.net/static/scripts/styles/styles/1798b
05057b1b3f9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.615. https://fastdial.net/static/styles/common/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e2878%0d%0a4abe4d610fb was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e2878%0d%0a4abe4d610fb/styles/common/images/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:04 GMT
Server: Apache
Location: http://fastdial.net/e2878
4abe4d610fb/styles/common/images/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.616. https://fastdial.net/static/styles/common/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a420f%0d%0ad4d4eddb9ea was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a420f%0d%0ad4d4eddb9ea/common/images/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:29 GMT
Server: Apache
Location: http://fastdial.net/static/a420f
d4d4eddb9ea/common/images/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.617. https://fastdial.net/static/styles/common/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload dea98%0d%0a2ff1de15b11 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/dea98%0d%0a2ff1de15b11/images/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/dea98
2ff1de15b11/images/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.618. https://fastdial.net/static/styles/common/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 69621%0d%0a4d0e9531cd6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/69621%0d%0a4d0e9531cd6/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/69621
4d0e9531cd6/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.619. https://fastdial.net/static/styles/common/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ec036%0d%0afe1753e46c6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/ec036%0d%0afe1753e46c6/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:12:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/ec036
fe1753e46c6/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.620. https://fastdial.net/static/styles/common/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload cdd33%0d%0aa6ffce129d8 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/cdd33%0d%0aa6ffce129d8/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:12:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/cdd33
a6ffce129d8/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.621. https://fastdial.net/static/styles/common/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload de3cc%0d%0a1210b9310b0 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/de3cc%0d%0a1210b9310b0/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:12:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/de3cc
1210b9310b0/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.622. https://fastdial.net/static/styles/common/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload efeb0%0d%0acdc13834ac5 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/common/efeb0%0d%0acdc13834ac5/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:12:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/common/efeb0
cdc13834ac5/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.623. https://fastdial.net/static/styles/common/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 9 is copied into the Location response header. The payload f1f36%0d%0ad63a7c79fdf was submitted in the REST URL parameter 9. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/common/images/f1f36%0d%0ad63a7c79fdf/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:13:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/common/images/f1f36
d63a7c79fdf/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.624. https://fastdial.net/static/styles/common/images/common/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9b155%0d%0ae881695f9b1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9b155%0d%0ae881695f9b1/styles/common/images/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:14:13 GMT
Server: Apache
Location: http://fastdial.net/9b155
e881695f9b1/styles/common/images/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.625. https://fastdial.net/static/styles/common/images/common/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8ade0%0d%0a38b6cc75fa6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8ade0%0d%0a38b6cc75fa6/common/images/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:14:28 GMT
Server: Apache
Location: http://fastdial.net/static/8ade0
38b6cc75fa6/common/images/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.626. https://fastdial.net/static/styles/common/images/common/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9f25a%0d%0a80b8e835f12 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/9f25a%0d%0a80b8e835f12/images/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:14:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/9f25a
80b8e835f12/images/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.627. https://fastdial.net/static/styles/common/images/common/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4aa88%0d%0ab952018f7df was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/4aa88%0d%0ab952018f7df/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:14:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/4aa88
b952018f7df/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.628. https://fastdial.net/static/styles/common/images/common/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3a72a%0d%0a474dbd1114a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/3a72a%0d%0a474dbd1114a/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/3a72a
474dbd1114a/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.629. https://fastdial.net/static/styles/common/images/common/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload df1d9%0d%0aed247579cff was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/df1d9%0d%0aed247579cff/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/df1d9
ed247579cff/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.630. https://fastdial.net/static/styles/common/images/common/images/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 8cd73%0d%0af9babb85f9c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/8cd73%0d%0af9babb85f9c/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/8cd73
f9babb85f9c/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.631. https://fastdial.net/static/styles/common/images/common/images/common/images/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload a5caa%0d%0afa6078275f8 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/common/a5caa%0d%0afa6078275f8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/common/a5caa
fa6078275f8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.632. https://fastdial.net/static/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 31e21%0d%0a6b071778f0e was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /31e21%0d%0a6b071778f0e/styles/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:52 GMT
Server: Apache
Location: http://fastdial.net/31e21
6b071778f0e/styles/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.633. https://fastdial.net/static/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3adcc%0d%0ab15098d3f73 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3adcc%0d%0ab15098d3f73/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:11:03 GMT
Server: Apache
Location: http://fastdial.net/static/3adcc
b15098d3f73/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.634. https://fastdial.net/static/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload aaf26%0d%0adb5949ca2c7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/aaf26%0d%0adb5949ca2c7/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:11:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/aaf26
db5949ca2c7/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.635. https://fastdial.net/static/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload cb49c%0d%0a33439808e53 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/cb49c%0d%0a33439808e53/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:12:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/cb49c
33439808e53/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.636. https://fastdial.net/static/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1acf7%0d%0a19700d2d50e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/1acf7%0d%0a19700d2d50e/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:13:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/1acf7
19700d2d50e/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.637. https://fastdial.net/static/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload c4409%0d%0a81a41101b63 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/c4409%0d%0a81a41101b63/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:13:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/c4409
81a41101b63/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.638. https://fastdial.net/static/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 8061b%0d%0a878ea35929b was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/8061b%0d%0a878ea35929b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:14:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/8061b
878ea35929b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.639. https://fastdial.net/static/styles/common/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 82466%0d%0ae2d3250b8e2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /82466%0d%0ae2d3250b8e2/styles/common/images/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:10:43 GMT
Server: Apache
Location: http://fastdial.net/82466
e2d3250b8e2/styles/common/images/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.640. https://fastdial.net/static/styles/common/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b5517%0d%0abed30507716 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b5517%0d%0abed30507716/common/images/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:10:56 GMT
Server: Apache
Location: http://fastdial.net/static/b5517
bed30507716/common/images/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.641. https://fastdial.net/static/styles/common/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 3954b%0d%0a6cfe7401d2f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/3954b%0d%0a6cfe7401d2f/images/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/3954b
6cfe7401d2f/images/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.642. https://fastdial.net/static/styles/common/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b1e66%0d%0ab8f835bc814 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/b1e66%0d%0ab8f835bc814/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/b1e66
b8f835bc814/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.643. https://fastdial.net/static/styles/common/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 96476%0d%0a81ce7cc2acb was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/96476%0d%0a81ce7cc2acb/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/96476
81ce7cc2acb/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.644. https://fastdial.net/static/styles/common/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload f00d2%0d%0a9091a2c72a9 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/f00d2%0d%0a9091a2c72a9/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/f00d2
9091a2c72a9/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.645. https://fastdial.net/static/styles/common/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 3fe71%0d%0a2ec879b7363 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/3fe71%0d%0a2ec879b7363/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:12:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/3fe71
2ec879b7363/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.646. https://fastdial.net/static/styles/common/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 45d71%0d%0a8caf24d60ce was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/common/45d71%0d%0a8caf24d60ce/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:12:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/common/45d71
8caf24d60ce/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.647. https://fastdial.net/static/styles/common/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b4cb7%0d%0a1ed4876e839 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b4cb7%0d%0a1ed4876e839/styles/common/images/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:10:29 GMT
Server: Apache
Location: http://fastdial.net/b4cb7
1ed4876e839/styles/common/images/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.648. https://fastdial.net/static/styles/common/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d95d5%0d%0a09b8a5cab73 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d95d5%0d%0a09b8a5cab73/common/images/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:10:47 GMT
Server: Apache
Location: http://fastdial.net/static/d95d5
09b8a5cab73/common/images/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.649. https://fastdial.net/static/styles/common/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 4a9bf%0d%0a444803a6968 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/4a9bf%0d%0a444803a6968/images/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/4a9bf
444803a6968/images/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.650. https://fastdial.net/static/styles/common/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f3fca%0d%0a84349fe7af1 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/f3fca%0d%0a84349fe7af1/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/f3fca
84349fe7af1/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.651. https://fastdial.net/static/styles/common/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5c4e3%0d%0a71c835a766b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/5c4e3%0d%0a71c835a766b/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/5c4e3
71c835a766b/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.652. https://fastdial.net/static/styles/common/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 9e7b5%0d%0aaeb68a5e3d2 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/9e7b5%0d%0aaeb68a5e3d2/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/9e7b5
aeb68a5e3d2/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.653. https://fastdial.net/static/styles/common/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload ccccf%0d%0aae35ae3515c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/ccccf%0d%0aae35ae3515c/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:12:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/ccccf
ae35ae3515c/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.654. https://fastdial.net/static/styles/common/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload fc87f%0d%0aebfb8c3bc06 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/common/fc87f%0d%0aebfb8c3bc06/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:12:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/common/fc87f
ebfb8c3bc06/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.655. https://fastdial.net/static/styles/common/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 9 is copied into the Location response header. The payload 98c91%0d%0a8dc5054be9b was submitted in the REST URL parameter 9. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/common/styles/98c91%0d%0a8dc5054be9b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:12:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/common/styles/98c91
8dc5054be9b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.656. https://fastdial.net/static/styles/common/images/common/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 44ef2%0d%0ad48498b6afa was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /44ef2%0d%0ad48498b6afa/styles/common/images/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:10:26 GMT
Server: Apache
Location: http://fastdial.net/44ef2
d48498b6afa/styles/common/images/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.657. https://fastdial.net/static/styles/common/images/common/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d8068%0d%0ae851d4779a1 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d8068%0d%0ae851d4779a1/common/images/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:10:47 GMT
Server: Apache
Location: http://fastdial.net/static/d8068
e851d4779a1/common/images/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.658. https://fastdial.net/static/styles/common/images/common/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 2955b%0d%0abc8864aa5d3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/2955b%0d%0abc8864aa5d3/images/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:10:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/2955b
bc8864aa5d3/images/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.659. https://fastdial.net/static/styles/common/images/common/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d9fa0%0d%0ac742a76f726 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/d9fa0%0d%0ac742a76f726/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/d9fa0
c742a76f726/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.660. https://fastdial.net/static/styles/common/images/common/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b3a79%0d%0aea0ae8c594c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/b3a79%0d%0aea0ae8c594c/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/b3a79
ea0ae8c594c/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.661. https://fastdial.net/static/styles/common/images/common/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 41033%0d%0a02275833ea was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/41033%0d%0a02275833ea/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/41033
02275833ea/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.662. https://fastdial.net/static/styles/common/images/common/images/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 35ac2%0d%0adeaf5205c73 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/35ac2%0d%0adeaf5205c73/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/35ac2
deaf5205c73/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.663. https://fastdial.net/static/styles/common/images/common/images/common/styles/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 5cc0d%0d%0a99f5c53e2ff was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/common/5cc0d%0d%0a99f5c53e2ff/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:12:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/common/5cc0d
99f5c53e2ff/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.664. https://fastdial.net/static/styles/common/images/common/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fb1f9%0d%0a6e36500bb1c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fb1f9%0d%0a6e36500bb1c/styles/common/images/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:14:58 GMT
Server: Apache
Location: http://fastdial.net/fb1f9
6e36500bb1c/styles/common/images/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.665. https://fastdial.net/static/styles/common/images/common/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7cf0a%0d%0a413e64c008 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7cf0a%0d%0a413e64c008/common/images/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:13 GMT
Server: Apache
Location: http://fastdial.net/static/7cf0a
413e64c008/common/images/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.666. https://fastdial.net/static/styles/common/images/common/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 16ab9%0d%0a988b6c735d7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/16ab9%0d%0a988b6c735d7/images/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/16ab9
988b6c735d7/images/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.667. https://fastdial.net/static/styles/common/images/common/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d40cb%0d%0a5dcc8091ab4 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/d40cb%0d%0a5dcc8091ab4/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/d40cb
5dcc8091ab4/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.668. https://fastdial.net/static/styles/common/images/common/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 61b60%0d%0a89b48e38a01 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/61b60%0d%0a89b48e38a01/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:16:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/61b60
89b48e38a01/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.669. https://fastdial.net/static/styles/common/images/common/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d5253%0d%0af25274574d was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/d5253%0d%0af25274574d/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:16:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/d5253
f25274574d/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.670. https://fastdial.net/static/styles/common/images/common/images/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 68391%0d%0abf649ad5f58 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/68391%0d%0abf649ad5f58/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:16:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/68391
bf649ad5f58/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.671. https://fastdial.net/static/styles/common/images/common/images/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 691a2%0d%0a4ad20cde0e3 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/images/691a2%0d%0a4ad20cde0e3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:17:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/images/691a2
4ad20cde0e3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.672. https://fastdial.net/static/styles/common/images/common/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a29ff%0d%0a4ba7ff1572a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a29ff%0d%0a4ba7ff1572a/styles/common/images/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:17:25 GMT
Server: Apache
Location: http://fastdial.net/a29ff
4ba7ff1572a/styles/common/images/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.673. https://fastdial.net/static/styles/common/images/common/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f6ff7%0d%0a2dd43fb4509 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f6ff7%0d%0a2dd43fb4509/common/images/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:17:42 GMT
Server: Apache
Location: http://fastdial.net/static/f6ff7
2dd43fb4509/common/images/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.674. https://fastdial.net/static/styles/common/images/common/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f56a0%0d%0a7447a54a6ee was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f56a0%0d%0a7447a54a6ee/images/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:17:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f56a0
7447a54a6ee/images/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.675. https://fastdial.net/static/styles/common/images/common/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 15dc1%0d%0ab1f11ad0a0b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/15dc1%0d%0ab1f11ad0a0b/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:18:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/15dc1
b1f11ad0a0b/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.676. https://fastdial.net/static/styles/common/images/common/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 99c3d%0d%0a3fd84dadae4 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/99c3d%0d%0a3fd84dadae4/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:18:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/99c3d
3fd84dadae4/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.677. https://fastdial.net/static/styles/common/images/common/images/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 9c685%0d%0ae0e5855d807 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/9c685%0d%0ae0e5855d807/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/9c685
e0e5855d807/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.678. https://fastdial.net/static/styles/common/images/common/images/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload f9cfd%0d%0af826aeb577d was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/f9cfd%0d%0af826aeb577d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/f9cfd
f826aeb577d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.679. https://fastdial.net/static/styles/common/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 92890%0d%0a6da86110e2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /92890%0d%0a6da86110e2/styles/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:11:51 GMT
Server: Apache
Location: http://fastdial.net/92890
6da86110e2/styles/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.680. https://fastdial.net/static/styles/common/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload dc2f8%0d%0ab76cc639a77 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/dc2f8%0d%0ab76cc639a77/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:11:58 GMT
Server: Apache
Location: http://fastdial.net/static/dc2f8
b76cc639a77/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.681. https://fastdial.net/static/styles/common/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 28e50%0d%0a3dd8a94f242 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/28e50%0d%0a3dd8a94f242/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:12:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/28e50
3dd8a94f242/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.682. https://fastdial.net/static/styles/common/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload ce4a3%0d%0a451b9a4defe was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/ce4a3%0d%0a451b9a4defe/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:13:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/ce4a3
451b9a4defe/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.683. https://fastdial.net/static/styles/common/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload d9f1c%0d%0af8e8c95ba5a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/d9f1c%0d%0af8e8c95ba5a/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:13:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/d9f1c
f8e8c95ba5a/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.684. https://fastdial.net/static/styles/common/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 408f1%0d%0a1b8dea50fcc was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/408f1%0d%0a1b8dea50fcc/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:13:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/408f1
1b8dea50fcc/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.685. https://fastdial.net/static/styles/common/images/common/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6fcd2%0d%0aa98a93bda2d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6fcd2%0d%0aa98a93bda2d/styles/common/images/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:14:48 GMT
Server: Apache
Location: http://fastdial.net/6fcd2
a98a93bda2d/styles/common/images/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.686. https://fastdial.net/static/styles/common/images/common/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 94007%0d%0a4b94f839241 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/94007%0d%0a4b94f839241/common/images/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:02 GMT
Server: Apache
Location: http://fastdial.net/static/94007
4b94f839241/common/images/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.687. https://fastdial.net/static/styles/common/images/common/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 715fd%0d%0a17be007592d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/715fd%0d%0a17be007592d/images/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/715fd
17be007592d/images/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.688. https://fastdial.net/static/styles/common/images/common/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 181f6%0d%0a8855059a430 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/181f6%0d%0a8855059a430/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/181f6
8855059a430/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.689. https://fastdial.net/static/styles/common/images/common/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6a032%0d%0a1f6e29dbe07 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/6a032%0d%0a1f6e29dbe07/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/6a032
1f6e29dbe07/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.690. https://fastdial.net/static/styles/common/images/common/images/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 989f8%0d%0a9b411d9c911 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/989f8%0d%0a9b411d9c911/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:16:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/989f8
9b411d9c911/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.691. https://fastdial.net/static/styles/common/images/common/images/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 2a263%0d%0a50f1b29d86 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/2a263%0d%0a50f1b29d86/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:16:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/2a263
50f1b29d86/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.692. https://fastdial.net/static/styles/common/images/common/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 17b24%0d%0abb49a029ea3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /17b24%0d%0abb49a029ea3/styles/common/images/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:14:24 GMT
Server: Apache
Location: http://fastdial.net/17b24
bb49a029ea3/styles/common/images/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.693. https://fastdial.net/static/styles/common/images/common/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 15d1a%0d%0a0186b177392 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/15d1a%0d%0a0186b177392/common/images/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:14:40 GMT
Server: Apache
Location: http://fastdial.net/static/15d1a
0186b177392/common/images/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.694. https://fastdial.net/static/styles/common/images/common/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ee672%0d%0ae7ddccb90ca was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ee672%0d%0ae7ddccb90ca/images/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:14:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ee672
e7ddccb90ca/images/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.695. https://fastdial.net/static/styles/common/images/common/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 96629%0d%0ac89f9de3947 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/96629%0d%0ac89f9de3947/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/96629
c89f9de3947/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.696. https://fastdial.net/static/styles/common/images/common/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload eebc7%0d%0a596eddbd5af was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/eebc7%0d%0a596eddbd5af/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/eebc7
596eddbd5af/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.697. https://fastdial.net/static/styles/common/images/common/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d3526%0d%0a569d8bdafd4 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/d3526%0d%0a569d8bdafd4/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/d3526
569d8bdafd4/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.698. https://fastdial.net/static/styles/common/images/common/images/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload e432c%0d%0adcde8823867 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/e432c%0d%0adcde8823867/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/e432c
dcde8823867/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.699. https://fastdial.net/static/styles/common/images/common/images/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload fac63%0d%0a28195f8d2f9 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/styles/fac63%0d%0a28195f8d2f9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:16:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/styles/fac63
28195f8d2f9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.700. https://fastdial.net/static/styles/common/images/common/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 43269%0d%0a47255e781d9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /43269%0d%0a47255e781d9/styles/common/images/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:14:42 GMT
Server: Apache
Location: http://fastdial.net/43269
47255e781d9/styles/common/images/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.701. https://fastdial.net/static/styles/common/images/common/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d1575%0d%0a7534a56e876 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d1575%0d%0a7534a56e876/common/images/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:14:56 GMT
Server: Apache
Location: http://fastdial.net/static/d1575
7534a56e876/common/images/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.702. https://fastdial.net/static/styles/common/images/common/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 857ef%0d%0ab06cda7723b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/857ef%0d%0ab06cda7723b/images/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/857ef
b06cda7723b/images/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.703. https://fastdial.net/static/styles/common/images/common/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 98b26%0d%0ab1cd21719c0 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/98b26%0d%0ab1cd21719c0/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/98b26
b1cd21719c0/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.704. https://fastdial.net/static/styles/common/images/common/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5f02a%0d%0a1a0bdc4c46e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/5f02a%0d%0a1a0bdc4c46e/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/5f02a
1a0bdc4c46e/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.705. https://fastdial.net/static/styles/common/images/common/images/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 5fa89%0d%0ad7523ac82e8 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/5fa89%0d%0ad7523ac82e8/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:15:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/5fa89
d7523ac82e8/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.706. https://fastdial.net/static/styles/common/images/common/images/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload eff1e%0d%0a23ff17159fc was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/images/eff1e%0d%0a23ff17159fc/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:16:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/images/eff1e
23ff17159fc/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.707. https://fastdial.net/static/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 52c9e%0d%0af5f5bb2c965 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /52c9e%0d%0af5f5bb2c965/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:09:23 GMT
Server: Apache
Location: http://fastdial.net/52c9e
f5f5bb2c965/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.708. https://fastdial.net/static/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e1536%0d%0a79da8f24a15 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e1536%0d%0a79da8f24a15/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:09:37 GMT
Server: Apache
Location: http://fastdial.net/static/e1536
79da8f24a15/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.709. https://fastdial.net/static/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e1c53%0d%0a302731fe731 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/e1c53%0d%0a302731fe731/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:09:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/e1c53
302731fe731/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.710. https://fastdial.net/static/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload fc735%0d%0ad0f1697d18a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/fc735%0d%0ad0f1697d18a/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/fc735
d0f1697d18a/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.711. https://fastdial.net/static/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload fa591%0d%0a969a2284511 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/fa591%0d%0a969a2284511/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/fa591
969a2284511/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.712. https://fastdial.net/static/styles/common/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f02b1%0d%0a93d1d29ec73 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f02b1%0d%0a93d1d29ec73/styles/common/images/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:09:26 GMT
Server: Apache
Location: http://fastdial.net/f02b1
93d1d29ec73/styles/common/images/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.713. https://fastdial.net/static/styles/common/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 48ae7%0d%0adb2750bde25 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/48ae7%0d%0adb2750bde25/common/images/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:09:45 GMT
Server: Apache
Location: http://fastdial.net/static/48ae7
db2750bde25/common/images/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.714. https://fastdial.net/static/styles/common/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a5601%0d%0a2098ad97b83 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a5601%0d%0a2098ad97b83/images/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:09:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a5601
2098ad97b83/images/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.715. https://fastdial.net/static/styles/common/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 28afc%0d%0a1540819ad5f was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/28afc%0d%0a1540819ad5f/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:10:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/28afc
1540819ad5f/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.716. https://fastdial.net/static/styles/common/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 9e9b8%0d%0abb5c66ff76e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/9e9b8%0d%0abb5c66ff76e/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:10:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/9e9b8
bb5c66ff76e/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.717. https://fastdial.net/static/styles/common/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload eeb10%0d%0a234b1b93d06 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/eeb10%0d%0a234b1b93d06/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/eeb10
234b1b93d06/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.718. https://fastdial.net/static/styles/common/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 263e9%0d%0ac14bebfcbc3 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/scripts/263e9%0d%0ac14bebfcbc3/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/scripts/263e9
c14bebfcbc3/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.719. https://fastdial.net/static/styles/common/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 82154%0d%0a7a988c4e8b9 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/scripts/images/82154%0d%0a7a988c4e8b9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/scripts/images/82154
7a988c4e8b9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.720. https://fastdial.net/static/styles/common/images/common/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6ca75%0d%0a803fde06a89 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6ca75%0d%0a803fde06a89/styles/common/images/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:10:21 GMT
Server: Apache
Location: http://fastdial.net/6ca75
803fde06a89/styles/common/images/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.721. https://fastdial.net/static/styles/common/images/common/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6e2c4%0d%0aff281a90720 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6e2c4%0d%0aff281a90720/common/images/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:10:56 GMT
Server: Apache
Location: http://fastdial.net/static/6e2c4
ff281a90720/common/images/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.722. https://fastdial.net/static/styles/common/images/common/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 78015%0d%0a4547e1285bd was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/78015%0d%0a4547e1285bd/images/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/78015
4547e1285bd/images/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.723. https://fastdial.net/static/styles/common/images/common/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1e159%0d%0a2102746bfbf was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/1e159%0d%0a2102746bfbf/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/1e159
2102746bfbf/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.724. https://fastdial.net/static/styles/common/images/common/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 87aeb%0d%0abd4314a6b43 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/87aeb%0d%0abd4314a6b43/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/87aeb
bd4314a6b43/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.725. https://fastdial.net/static/styles/common/images/common/scripts/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1ee04%0d%0ac5e2ef7c6a1 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/1ee04%0d%0ac5e2ef7c6a1/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:11:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/1ee04
c5e2ef7c6a1/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.726. https://fastdial.net/static/styles/common/images/common/scripts/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 40e29%0d%0a9d736833b72 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/scripts/40e29%0d%0a9d736833b72/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:12:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/scripts/40e29
9d736833b72/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.727. https://fastdial.net/static/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 43b90%0d%0a1b8572bfa05 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /43b90%0d%0a1b8572bfa05/styles/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:09:19 GMT
Server: Apache
Location: http://fastdial.net/43b90
1b8572bfa05/styles/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.728. https://fastdial.net/static/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 9fa15%0d%0a23540f20556 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/9fa15%0d%0a23540f20556/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:09:41 GMT
Server: Apache
Location: http://fastdial.net/static/9fa15
23540f20556/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.729. https://fastdial.net/static/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 7ead6%0d%0a6af2bd4d62e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/7ead6%0d%0a6af2bd4d62e/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:09:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/7ead6
6af2bd4d62e/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.730. https://fastdial.net/static/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 26b1d%0d%0a2e3e438ba25 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/26b1d%0d%0a2e3e438ba25/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/26b1d
2e3e438ba25/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.731. https://fastdial.net/static/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 64f7f%0d%0aded4763dc1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/64f7f%0d%0aded4763dc1/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/64f7f
ded4763dc1/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.732. https://fastdial.net/static/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload f7ec9%0d%0a3e568a1bad6 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/f7ec9%0d%0a3e568a1bad6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/f7ec9
3e568a1bad6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.733. https://fastdial.net/static/styles/common/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9008d%0d%0a8fdc7829fd4 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9008d%0d%0a8fdc7829fd4/styles/common/images/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:35 GMT
Server: Apache
Location: http://fastdial.net/9008d
8fdc7829fd4/styles/common/images/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.734. https://fastdial.net/static/styles/common/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 87b06%0d%0aeb893783156 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/87b06%0d%0aeb893783156/common/images/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:49 GMT
Server: Apache
Location: http://fastdial.net/static/87b06
eb893783156/common/images/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.735. https://fastdial.net/static/styles/common/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a5ba4%0d%0a702bf9c115 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a5ba4%0d%0a702bf9c115/images/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:08:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a5ba4
702bf9c115/images/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.736. https://fastdial.net/static/styles/common/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8d38e%0d%0a10c7e07711 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/8d38e%0d%0a10c7e07711/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:08:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/8d38e
10c7e07711/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.737. https://fastdial.net/static/styles/common/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c5b58%0d%0a2168c30a18a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/c5b58%0d%0a2168c30a18a/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:08:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/c5b58
2168c30a18a/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.738. https://fastdial.net/static/styles/common/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7928b%0d%0a0dc29fb1974 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/7928b%0d%0a0dc29fb1974/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:08:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/7928b
0dc29fb1974/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.739. https://fastdial.net/static/styles/common/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 328cc%0d%0ab6786345bf6 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/scripts/328cc%0d%0ab6786345bf6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:09:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/scripts/328cc
b6786345bf6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.740. https://fastdial.net/static/styles/common/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 4fb08%0d%0aa9fd33f2bd was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /4fb08%0d%0aa9fd33f2bd/styles/common/images/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:06:58 GMT
Server: Apache
Location: http://fastdial.net/4fb08
a9fd33f2bd/styles/common/images/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.741. https://fastdial.net/static/styles/common/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e8452%0d%0acd939fb0d7d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e8452%0d%0acd939fb0d7d/common/images/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:12 GMT
Server: Apache
Location: http://fastdial.net/static/e8452
cd939fb0d7d/common/images/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.742. https://fastdial.net/static/styles/common/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 32acb%0d%0aee0fdf2cadf was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/32acb%0d%0aee0fdf2cadf/images/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/32acb
ee0fdf2cadf/images/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.743. https://fastdial.net/static/styles/common/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5dbf0%0d%0abaca98535e3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/5dbf0%0d%0abaca98535e3/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/5dbf0
baca98535e3/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.744. https://fastdial.net/static/styles/common/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1845c%0d%0a0f223d1894a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/1845c%0d%0a0f223d1894a/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/1845c
0f223d1894a/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.745. https://fastdial.net/static/styles/common/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload c0734%0d%0a718204c278a was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/c0734%0d%0a718204c278a/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:08:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/c0734
718204c278a/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.746. https://fastdial.net/static/styles/common/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload bb475%0d%0a9860c6ce066 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/scripts/bb475%0d%0a9860c6ce066/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:08:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/scripts/bb475
9860c6ce066/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.747. https://fastdial.net/static/styles/common/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload aef67%0d%0a8616215591 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/scripts/styles/aef67%0d%0a8616215591/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:08:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/scripts/styles/aef67
8616215591/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.748. https://fastdial.net/static/styles/common/images/common/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1488f%0d%0a5b73f310b1d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1488f%0d%0a5b73f310b1d/styles/common/images/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:03 GMT
Server: Apache
Location: http://fastdial.net/1488f
5b73f310b1d/styles/common/images/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.749. https://fastdial.net/static/styles/common/images/common/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a2a42%0d%0ab8f610806ef was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a2a42%0d%0ab8f610806ef/common/images/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:14 GMT
Server: Apache
Location: http://fastdial.net/static/a2a42
b8f610806ef/common/images/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.750. https://fastdial.net/static/styles/common/images/common/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1f487%0d%0a9e6b6450d9c was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1f487%0d%0a9e6b6450d9c/images/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1f487
9e6b6450d9c/images/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.751. https://fastdial.net/static/styles/common/images/common/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b3569%0d%0ab57143123aa was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/b3569%0d%0ab57143123aa/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/b3569
b57143123aa/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.752. https://fastdial.net/static/styles/common/images/common/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload cd6dc%0d%0a648a37a27ca was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/cd6dc%0d%0a648a37a27ca/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/cd6dc
648a37a27ca/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.753. https://fastdial.net/static/styles/common/images/common/scripts/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 60bc6%0d%0aca7dc2f1860 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/60bc6%0d%0aca7dc2f1860/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:08:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/60bc6
ca7dc2f1860/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.754. https://fastdial.net/static/styles/common/images/common/scripts/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 2c045%0d%0a6098aa3f6d was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/scripts/2c045%0d%0a6098aa3f6d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:08:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/scripts/2c045
6098aa3f6d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.755. https://fastdial.net/static/styles/common/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f58ec%0d%0a5715e658140 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f58ec%0d%0a5715e658140/styles/common/images/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:02:41 GMT
Server: Apache
Location: http://fastdial.net/f58ec
5715e658140/styles/common/images/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.756. https://fastdial.net/static/styles/common/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8abb1%0d%0ad30ed242a1 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8abb1%0d%0ad30ed242a1/common/images/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:02:59 GMT
Server: Apache
Location: http://fastdial.net/static/8abb1
d30ed242a1/common/images/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.757. https://fastdial.net/static/styles/common/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bba78%0d%0a78170faabad was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/bba78%0d%0a78170faabad/images/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/bba78
78170faabad/images/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.758. https://fastdial.net/static/styles/common/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 70776%0d%0ac4e1eec5548 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/70776%0d%0ac4e1eec5548/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/70776
c4e1eec5548/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.759. https://fastdial.net/static/styles/common/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 56f75%0d%0a62ef0e4b2ea was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/56f75%0d%0a62ef0e4b2ea/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/56f75
62ef0e4b2ea/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.760. https://fastdial.net/static/styles/common/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload fdc47%0d%0a77440c95773 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/fdc47%0d%0a77440c95773/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/fdc47
77440c95773/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.761. https://fastdial.net/static/styles/common/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 5c5a7%0d%0a76870828ed6 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/5c5a7%0d%0a76870828ed6/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/5c5a7
76870828ed6/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.762. https://fastdial.net/static/styles/common/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 2790d%0d%0aecea3f290b8 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/common/2790d%0d%0aecea3f290b8/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/common/2790d
ecea3f290b8/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.763. https://fastdial.net/static/styles/common/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 9 is copied into the Location response header. The payload 8f46c%0d%0a165b3cc6afe was submitted in the REST URL parameter 9. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/common/images/8f46c%0d%0a165b3cc6afe/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/common/images/8f46c
165b3cc6afe/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.764. https://fastdial.net/static/styles/common/images/common/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3062f%0d%0af8915b8c5d5 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3062f%0d%0af8915b8c5d5/styles/common/images/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:02:57 GMT
Server: Apache
Location: http://fastdial.net/3062f
f8915b8c5d5/styles/common/images/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.765. https://fastdial.net/static/styles/common/images/common/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a5863%0d%0a1fa5c1566f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a5863%0d%0a1fa5c1566f/common/images/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:11 GMT
Server: Apache
Location: http://fastdial.net/static/a5863
1fa5c1566f/common/images/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.766. https://fastdial.net/static/styles/common/images/common/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 847e2%0d%0a989347bb83 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/847e2%0d%0a989347bb83/images/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/847e2
989347bb83/images/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.767. https://fastdial.net/static/styles/common/images/common/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5b0bd%0d%0a97221d59b7d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/5b0bd%0d%0a97221d59b7d/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/5b0bd
97221d59b7d/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.768. https://fastdial.net/static/styles/common/images/common/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload bdfd5%0d%0a27bd57bb3a6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/bdfd5%0d%0a27bd57bb3a6/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/bdfd5
27bd57bb3a6/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.769. https://fastdial.net/static/styles/common/images/common/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 19fae%0d%0ac24a9809e2b was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/19fae%0d%0ac24a9809e2b/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/19fae
c24a9809e2b/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.770. https://fastdial.net/static/styles/common/images/common/styles/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 5d4e5%0d%0ab6c65d5cb1 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/5d4e5%0d%0ab6c65d5cb1/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/5d4e5
b6c65d5cb1/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.771. https://fastdial.net/static/styles/common/images/common/styles/common/images/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 8a65f%0d%0a47c8bf230dd was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/common/8a65f%0d%0a47c8bf230dd/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/common/8a65f
47c8bf230dd/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.772. https://fastdial.net/static/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 150a7%0d%0ac868a64dc7a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /150a7%0d%0ac868a64dc7a/styles/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:06:59 GMT
Server: Apache
Location: http://fastdial.net/150a7
c868a64dc7a/styles/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.773. https://fastdial.net/static/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a2e7f%0d%0a9524f0ea46d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a2e7f%0d%0a9524f0ea46d/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:07:12 GMT
Server: Apache
Location: http://fastdial.net/static/a2e7f
9524f0ea46d/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.774. https://fastdial.net/static/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 4afd1%0d%0a92f7acc3d1e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/4afd1%0d%0a92f7acc3d1e/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:07:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/4afd1
92f7acc3d1e/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.775. https://fastdial.net/static/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload ea951%0d%0a779f25cf5c0 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/ea951%0d%0a779f25cf5c0/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:07:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/ea951
779f25cf5c0/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.776. https://fastdial.net/static/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 705c6%0d%0ab2e1ab49b45 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/705c6%0d%0ab2e1ab49b45/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:08:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/705c6
b2e1ab49b45/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.777. https://fastdial.net/static/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7497c%0d%0af03aa98b549 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/7497c%0d%0af03aa98b549/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:09:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/7497c
f03aa98b549/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.778. https://fastdial.net/static/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 24381%0d%0a88d1d0a81b7 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/24381%0d%0a88d1d0a81b7/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/24381
88d1d0a81b7/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.779. https://fastdial.net/static/styles/common/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 4cf08%0d%0a1d6528640d0 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /4cf08%0d%0a1d6528640d0/styles/common/images/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:59:30 GMT
Server: Apache
Location: http://fastdial.net/4cf08
1d6528640d0/styles/common/images/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.780. https://fastdial.net/static/styles/common/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 46b21%0d%0ad354c806aeb was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/46b21%0d%0ad354c806aeb/common/images/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:13 GMT
Server: Apache
Location: http://fastdial.net/static/46b21
d354c806aeb/common/images/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.781. https://fastdial.net/static/styles/common/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 66c59%0d%0a01d888af103 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/66c59%0d%0a01d888af103/images/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/66c59
01d888af103/images/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.782. https://fastdial.net/static/styles/common/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload ce6e5%0d%0a5c14f902cda was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/ce6e5%0d%0a5c14f902cda/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/ce6e5
5c14f902cda/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.783. https://fastdial.net/static/styles/common/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 7992b%0d%0add20e500c9d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/7992b%0d%0add20e500c9d/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/7992b
dd20e500c9d/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.784. https://fastdial.net/static/styles/common/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7172a%0d%0a23c5ea5b3e1 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/7172a%0d%0a23c5ea5b3e1/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:01:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/7172a
23c5ea5b3e1/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.785. https://fastdial.net/static/styles/common/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 24ada%0d%0a1bd3fbe4c3d was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/24ada%0d%0a1bd3fbe4c3d/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:01:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/24ada
1bd3fbe4c3d/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.786. https://fastdial.net/static/styles/common/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 2d2c3%0d%0a6566a2b01a3 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/common/2d2c3%0d%0a6566a2b01a3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:01:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/common/2d2c3
6566a2b01a3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.787. https://fastdial.net/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f7a25%0d%0a32293c76fd8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f7a25%0d%0a32293c76fd8/styles/common/images/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:58:56 GMT
Server: Apache
Location: http://fastdial.net/f7a25
32293c76fd8/styles/common/images/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.788. https://fastdial.net/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f97f6%0d%0af3c6597fd7c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f97f6%0d%0af3c6597fd7c/common/images/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:12 GMT
Server: Apache
Location: http://fastdial.net/static/f97f6
f3c6597fd7c/common/images/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.789. https://fastdial.net/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 314f5%0d%0a5f47b7c6d11 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/314f5%0d%0a5f47b7c6d11/images/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/314f5
5f47b7c6d11/images/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.790. https://fastdial.net/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload cdb9a%0d%0ab60171dae9d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/cdb9a%0d%0ab60171dae9d/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/cdb9a
b60171dae9d/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.791. https://fastdial.net/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b9d27%0d%0a1cf63a2f740 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/b9d27%0d%0a1cf63a2f740/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/b9d27
1cf63a2f740/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.792. https://fastdial.net/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 902cb%0d%0a07068062b87 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/902cb%0d%0a07068062b87/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:01:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/902cb
07068062b87/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.793. https://fastdial.net/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 37de4%0d%0a168f57a5596 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/37de4%0d%0a168f57a5596/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:01:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/37de4
168f57a5596/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.794. https://fastdial.net/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 10d38%0d%0a444c7e20a3f was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/common/10d38%0d%0a444c7e20a3f/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:01:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/common/10d38
444c7e20a3f/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.795. https://fastdial.net/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 9 is copied into the Location response header. The payload 11bcb%0d%0a7b47f719c21 was submitted in the REST URL parameter 9. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/common/styles/11bcb%0d%0a7b47f719c21/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:01:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/common/styles/11bcb
7b47f719c21/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.796. https://fastdial.net/static/styles/common/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c5f22%0d%0aa153826d531 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c5f22%0d%0aa153826d531/styles/common/images/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:59:14 GMT
Server: Apache
Location: http://fastdial.net/c5f22
a153826d531/styles/common/images/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.797. https://fastdial.net/static/styles/common/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1b6c9%0d%0a93ac739b7f2 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1b6c9%0d%0a93ac739b7f2/common/images/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:13 GMT
Server: Apache
Location: http://fastdial.net/static/1b6c9
93ac739b7f2/common/images/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.798. https://fastdial.net/static/styles/common/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ed66d%0d%0adc2cac19cd3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ed66d%0d%0adc2cac19cd3/images/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ed66d
dc2cac19cd3/images/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.799. https://fastdial.net/static/styles/common/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 66156%0d%0a13c17e18cd3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/66156%0d%0a13c17e18cd3/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/66156
13c17e18cd3/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.800. https://fastdial.net/static/styles/common/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6a5c0%0d%0a8b1b9c10e4f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/6a5c0%0d%0a8b1b9c10e4f/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/6a5c0
8b1b9c10e4f/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.801. https://fastdial.net/static/styles/common/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 3d739%0d%0a4d06a6540fe was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/3d739%0d%0a4d06a6540fe/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:01:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/3d739
4d06a6540fe/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.802. https://fastdial.net/static/styles/common/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload cc6da%0d%0a500148004b5 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/cc6da%0d%0a500148004b5/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:01:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/cc6da
500148004b5/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.803. https://fastdial.net/static/styles/common/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload f225d%0d%0a7348a14f02e was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/common/f225d%0d%0a7348a14f02e/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:01:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/common/f225d
7348a14f02e/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.804. https://fastdial.net/static/styles/common/images/common/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 604d9%0d%0a510c146a604 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /604d9%0d%0a510c146a604/styles/common/images/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:06:13 GMT
Server: Apache
Location: http://fastdial.net/604d9
510c146a604/styles/common/images/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.805. https://fastdial.net/static/styles/common/images/common/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a9741%0d%0a737daf5c501 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a9741%0d%0a737daf5c501/common/images/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:06:28 GMT
Server: Apache
Location: http://fastdial.net/static/a9741
737daf5c501/common/images/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.806. https://fastdial.net/static/styles/common/images/common/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload fabb4%0d%0ae889919b5ec was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/fabb4%0d%0ae889919b5ec/images/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:06:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/fabb4
e889919b5ec/images/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.807. https://fastdial.net/static/styles/common/images/common/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 47467%0d%0afb09a138fa6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/47467%0d%0afb09a138fa6/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/47467
fb09a138fa6/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.808. https://fastdial.net/static/styles/common/images/common/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 7a601%0d%0abe3877ca1a4 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/7a601%0d%0abe3877ca1a4/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/7a601
be3877ca1a4/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.809. https://fastdial.net/static/styles/common/images/common/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload dcdab%0d%0a4f30abbb4b4 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/dcdab%0d%0a4f30abbb4b4/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/dcdab
4f30abbb4b4/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.810. https://fastdial.net/static/styles/common/images/common/styles/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 45623%0d%0a6f906810838 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/45623%0d%0a6f906810838/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/45623
6f906810838/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.811. https://fastdial.net/static/styles/common/images/common/styles/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload f733b%0d%0af7d54e8461e was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/images/f733b%0d%0af7d54e8461e/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:08:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/images/f733b
f7d54e8461e/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.812. https://fastdial.net/static/styles/common/images/common/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c84ce%0d%0a32ef461f42d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c84ce%0d%0a32ef461f42d/styles/common/images/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:06:46 GMT
Server: Apache
Location: http://fastdial.net/c84ce
32ef461f42d/styles/common/images/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.813. https://fastdial.net/static/styles/common/images/common/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2e21b%0d%0a7798f0d7509 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2e21b%0d%0a7798f0d7509/common/images/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:06:59 GMT
Server: Apache
Location: http://fastdial.net/static/2e21b
7798f0d7509/common/images/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.814. https://fastdial.net/static/styles/common/images/common/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f085f%0d%0aadc0818f71e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f085f%0d%0aadc0818f71e/images/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f085f
adc0818f71e/images/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.815. https://fastdial.net/static/styles/common/images/common/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5db3e%0d%0a23216adfd57 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/5db3e%0d%0a23216adfd57/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/5db3e
23216adfd57/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.816. https://fastdial.net/static/styles/common/images/common/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c6103%0d%0a2e329377681 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/c6103%0d%0a2e329377681/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/c6103
2e329377681/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.817. https://fastdial.net/static/styles/common/images/common/styles/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 98dda%0d%0af0eeda97e26 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/98dda%0d%0af0eeda97e26/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:07:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/98dda
f0eeda97e26/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.818. https://fastdial.net/static/styles/common/images/common/styles/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 70c0d%0d%0a49cee445a90 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/70c0d%0d%0a49cee445a90/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:08:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/70c0d
49cee445a90/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.819. https://fastdial.net/static/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c8fa2%0d%0a7e0339b339f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c8fa2%0d%0a7e0339b339f/styles/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:08:35 GMT
Server: Apache
Location: http://fastdial.net/c8fa2
7e0339b339f/styles/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.820. https://fastdial.net/static/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2446a%0d%0a08c04450717 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2446a%0d%0a08c04450717/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:08:50 GMT
Server: Apache
Location: http://fastdial.net/static/2446a
08c04450717/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.821. https://fastdial.net/static/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 311ed%0d%0a79895b8b74 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/311ed%0d%0a79895b8b74/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:09:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/311ed
79895b8b74/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.822. https://fastdial.net/static/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 252e9%0d%0a40cab79bd09 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/252e9%0d%0a40cab79bd09/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/252e9
40cab79bd09/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.823. https://fastdial.net/static/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 34da8%0d%0a400f5b13c4b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/34da8%0d%0a400f5b13c4b/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/34da8
400f5b13c4b/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.824. https://fastdial.net/static/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 4a9b7%0d%0a7969b7a5aa9 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/4a9b7%0d%0a7969b7a5aa9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/4a9b7
7969b7a5aa9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.825. https://fastdial.net/static/styles/common/images/common/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9f24b%0d%0a29560168ec4 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9f24b%0d%0a29560168ec4/styles/common/images/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:58 GMT
Server: Apache
Location: http://fastdial.net/9f24b
29560168ec4/styles/common/images/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.826. https://fastdial.net/static/styles/common/images/common/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f1a06%0d%0abf0732ec329 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f1a06%0d%0abf0732ec329/common/images/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:09 GMT
Server: Apache
Location: http://fastdial.net/static/f1a06
bf0732ec329/common/images/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.827. https://fastdial.net/static/styles/common/images/common/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e3a58%0d%0a5025bbc3653 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/e3a58%0d%0a5025bbc3653/images/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/e3a58
5025bbc3653/images/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.828. https://fastdial.net/static/styles/common/images/common/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload ef350%0d%0abe310f8ff18 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/ef350%0d%0abe310f8ff18/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/ef350
be310f8ff18/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.829. https://fastdial.net/static/styles/common/images/common/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5d253%0d%0a577c0123ee7 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/5d253%0d%0a577c0123ee7/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/5d253
577c0123ee7/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.830. https://fastdial.net/static/styles/common/images/common/styles/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 82c54%0d%0a3192cc018dd was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/82c54%0d%0a3192cc018dd/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:05:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/82c54
3192cc018dd/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.831. https://fastdial.net/static/styles/common/images/common/styles/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d2899%0d%0a0a4b268903d was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/d2899%0d%0a0a4b268903d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:05:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/d2899
0a4b268903d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.832. https://fastdial.net/static/styles/common/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1c631%0d%0a18369caa594 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1c631%0d%0a18369caa594/styles/common/images/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:39 GMT
Server: Apache
Location: http://fastdial.net/1c631
18369caa594/styles/common/images/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.833. https://fastdial.net/static/styles/common/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 11aea%0d%0aca9fd134719 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/11aea%0d%0aca9fd134719/common/images/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:53 GMT
Server: Apache
Location: http://fastdial.net/static/11aea
ca9fd134719/common/images/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.834. https://fastdial.net/static/styles/common/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 8954f%0d%0a08e4115bb14 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/8954f%0d%0a08e4115bb14/images/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/8954f
08e4115bb14/images/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.835. https://fastdial.net/static/styles/common/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c09fd%0d%0ad893f2230e4 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/c09fd%0d%0ad893f2230e4/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/c09fd
d893f2230e4/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.836. https://fastdial.net/static/styles/common/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b74be%0d%0afecb67fe407 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/b74be%0d%0afecb67fe407/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/b74be
fecb67fe407/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.837. https://fastdial.net/static/styles/common/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload c158b%0d%0ae4e9a43c8f6 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/c158b%0d%0ae4e9a43c8f6/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/c158b
e4e9a43c8f6/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.838. https://fastdial.net/static/styles/common/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 9c0c4%0d%0a870212fe441 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/9c0c4%0d%0a870212fe441/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:05:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/9c0c4
870212fe441/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.839. https://fastdial.net/static/styles/common/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 27c74%0d%0aa75dc71d401 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/styles/27c74%0d%0aa75dc71d401/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:05:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/styles/27c74
a75dc71d401/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.840. https://fastdial.net/static/styles/common/images/common/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload cde4a%0d%0a281a4bb7923 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /cde4a%0d%0a281a4bb7923/styles/common/images/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:37 GMT
Server: Apache
Location: http://fastdial.net/cde4a
281a4bb7923/styles/common/images/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.841. https://fastdial.net/static/styles/common/images/common/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a10bc%0d%0ab99fdbe630e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a10bc%0d%0ab99fdbe630e/common/images/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:03:55 GMT
Server: Apache
Location: http://fastdial.net/static/a10bc
b99fdbe630e/common/images/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.842. https://fastdial.net/static/styles/common/images/common/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c74f9%0d%0a68b330a982e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/c74f9%0d%0a68b330a982e/images/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/c74f9
68b330a982e/images/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.843. https://fastdial.net/static/styles/common/images/common/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5eef5%0d%0a07547cf76c9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/5eef5%0d%0a07547cf76c9/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/5eef5
07547cf76c9/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.844. https://fastdial.net/static/styles/common/images/common/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 76fd4%0d%0acb34eb2c625 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/76fd4%0d%0acb34eb2c625/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/76fd4
cb34eb2c625/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.845. https://fastdial.net/static/styles/common/images/common/styles/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 2827a%0d%0ad0cfeb1033c was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/2827a%0d%0ad0cfeb1033c/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:04:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/2827a
d0cfeb1033c/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.846. https://fastdial.net/static/styles/common/images/common/styles/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 245e8%0d%0ad9db4818fe5 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/common/styles/245e8%0d%0ad9db4818fe5/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:05:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/common/styles/245e8
d9db4818fe5/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.847. https://fastdial.net/static/styles/common/images/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e1ada%0d%0add92e30bc1c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e1ada%0d%0add92e30bc1c/styles/common/images/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:29:51 GMT
Server: Apache
Location: http://fastdial.net/e1ada
dd92e30bc1c/styles/common/images/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.848. https://fastdial.net/static/styles/common/images/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 17811%0d%0a905dfd41512 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/17811%0d%0a905dfd41512/common/images/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:18 GMT
Server: Apache
Location: http://fastdial.net/static/17811
905dfd41512/common/images/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.849. https://fastdial.net/static/styles/common/images/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 61397%0d%0a5d337d4018a was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/61397%0d%0a5d337d4018a/images/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/61397
5d337d4018a/images/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.850. https://fastdial.net/static/styles/common/images/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f371e%0d%0af5b7c9efa74 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/f371e%0d%0af5b7c9efa74/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/f371e
f5b7c9efa74/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.851. https://fastdial.net/static/styles/common/images/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2f09c%0d%0abeec32c4a1f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/2f09c%0d%0abeec32c4a1f/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/2f09c
beec32c4a1f/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.852. https://fastdial.net/static/styles/common/images/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 4f3ca%0d%0ad1bd8e43be0 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/4f3ca%0d%0ad1bd8e43be0/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:31:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/4f3ca
d1bd8e43be0/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.853. https://fastdial.net/static/styles/common/images/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 48e0c%0d%0a7eae14b0237 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/common/48e0c%0d%0a7eae14b0237/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:31:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/common/48e0c
7eae14b0237/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.854. https://fastdial.net/static/styles/common/images/images/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 3ca2d%0d%0a4c2b58a47b5 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/common/images/3ca2d%0d%0a4c2b58a47b5/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:32:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/common/images/3ca2d
4c2b58a47b5/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.855. https://fastdial.net/static/styles/common/images/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b2b64%0d%0af83c2ccbf01 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b2b64%0d%0af83c2ccbf01/styles/common/images/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:00 GMT
Server: Apache
Location: http://fastdial.net/b2b64
f83c2ccbf01/styles/common/images/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.856. https://fastdial.net/static/styles/common/images/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f1709%0d%0a4f9fa516e4 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f1709%0d%0a4f9fa516e4/common/images/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:15 GMT
Server: Apache
Location: http://fastdial.net/static/f1709
4f9fa516e4/common/images/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.857. https://fastdial.net/static/styles/common/images/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 333ac%0d%0a3927b5e785 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/333ac%0d%0a3927b5e785/images/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/333ac
3927b5e785/images/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.858. https://fastdial.net/static/styles/common/images/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 3b605%0d%0a023da8a1690 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/3b605%0d%0a023da8a1690/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/3b605
023da8a1690/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.859. https://fastdial.net/static/styles/common/images/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4f818%0d%0acb51315717c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/4f818%0d%0acb51315717c/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/4f818
cb51315717c/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.860. https://fastdial.net/static/styles/common/images/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 653d0%0d%0a601c592441e was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/653d0%0d%0a601c592441e/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:31:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/653d0
601c592441e/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.861. https://fastdial.net/static/styles/common/images/images/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload c8e3f%0d%0a4e1ee6c3dd9 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/common/c8e3f%0d%0a4e1ee6c3dd9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:31:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/common/c8e3f
4e1ee6c3dd9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.862. https://fastdial.net/static/styles/common/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6abdb%0d%0a9a29726a3d8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6abdb%0d%0a9a29726a3d8/styles/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:17:09 GMT
Server: Apache
Location: http://fastdial.net/6abdb
9a29726a3d8/styles/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.863. https://fastdial.net/static/styles/common/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8610d%0d%0aa9853a5eef9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8610d%0d%0aa9853a5eef9/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:17:23 GMT
Server: Apache
Location: http://fastdial.net/static/8610d
a9853a5eef9/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.864. https://fastdial.net/static/styles/common/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 148f8%0d%0a23df102b82a was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/148f8%0d%0a23df102b82a/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:17:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/148f8
23df102b82a/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.865. https://fastdial.net/static/styles/common/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 26e57%0d%0a9dd9717e767 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/26e57%0d%0a9dd9717e767/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:17:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/26e57
9dd9717e767/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.866. https://fastdial.net/static/styles/common/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4c6f7%0d%0a3cb7113b7a1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/4c6f7%0d%0a3cb7113b7a1/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:18:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/4c6f7
3cb7113b7a1/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.867. https://fastdial.net/static/styles/common/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 2f5e7%0d%0a7b92afcf027 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/2f5e7%0d%0a7b92afcf027/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:18:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/2f5e7
7b92afcf027/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.868. https://fastdial.net/static/styles/common/images/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3f896%0d%0adca3a4329ff was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3f896%0d%0adca3a4329ff/styles/common/images/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:29:28 GMT
Server: Apache
Location: http://fastdial.net/3f896
dca3a4329ff/styles/common/images/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.869. https://fastdial.net/static/styles/common/images/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 912c2%0d%0a1a89a1395db was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/912c2%0d%0a1a89a1395db/common/images/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:17 GMT
Server: Apache
Location: http://fastdial.net/static/912c2
1a89a1395db/common/images/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.870. https://fastdial.net/static/styles/common/images/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 464b3%0d%0ad355bcfa79b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/464b3%0d%0ad355bcfa79b/images/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/464b3
d355bcfa79b/images/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.871. https://fastdial.net/static/styles/common/images/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f4dd9%0d%0a1e93c2c855c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/f4dd9%0d%0a1e93c2c855c/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/f4dd9
1e93c2c855c/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.872. https://fastdial.net/static/styles/common/images/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c3ca2%0d%0ac2ac51ff415 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/c3ca2%0d%0ac2ac51ff415/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/c3ca2
c2ac51ff415/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.873. https://fastdial.net/static/styles/common/images/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 2ac6e%0d%0aebc6caff0a0 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/2ac6e%0d%0aebc6caff0a0/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:31:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/2ac6e
ebc6caff0a0/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.874. https://fastdial.net/static/styles/common/images/images/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 7278d%0d%0ada8dda3a673 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/common/7278d%0d%0ada8dda3a673/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:31:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/common/7278d
da8dda3a673/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.875. https://fastdial.net/static/styles/common/images/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 57b7c%0d%0aaae5122e548 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /57b7c%0d%0aaae5122e548/styles/common/images/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:29:05 GMT
Server: Apache
Location: http://fastdial.net/57b7c
aae5122e548/styles/common/images/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.876. https://fastdial.net/static/styles/common/images/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 159e0%0d%0a30d6a4d5bb9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/159e0%0d%0a30d6a4d5bb9/common/images/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:29:17 GMT
Server: Apache
Location: http://fastdial.net/static/159e0
30d6a4d5bb9/common/images/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.877. https://fastdial.net/static/styles/common/images/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload edddb%0d%0aac40e8c023c was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/edddb%0d%0aac40e8c023c/images/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/edddb
ac40e8c023c/images/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.878. https://fastdial.net/static/styles/common/images/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 833df%0d%0a74db44cd295 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/833df%0d%0a74db44cd295/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/833df
74db44cd295/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.879. https://fastdial.net/static/styles/common/images/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e2c02%0d%0ae82422b1fed was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/e2c02%0d%0ae82422b1fed/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/e2c02
e82422b1fed/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.880. https://fastdial.net/static/styles/common/images/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 3d423%0d%0a221d28d1acc was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/3d423%0d%0a221d28d1acc/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/3d423
221d28d1acc/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.881. https://fastdial.net/static/styles/common/images/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 6d606%0d%0a36ba0c3b828 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/common/6d606%0d%0a36ba0c3b828/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:31:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/common/6d606
36ba0c3b828/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.882. https://fastdial.net/static/styles/common/images/images/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload d17ce%0d%0aec737b3f85f was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/common/styles/d17ce%0d%0aec737b3f85f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:31:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/common/styles/d17ce
ec737b3f85f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.883. https://fastdial.net/static/styles/common/images/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c7dc7%0d%0ac88e01e8378 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c7dc7%0d%0ac88e01e8378/styles/common/images/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:29:17 GMT
Server: Apache
Location: http://fastdial.net/c7dc7
c88e01e8378/styles/common/images/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.884. https://fastdial.net/static/styles/common/images/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c725c%0d%0a3c230f8deac was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c725c%0d%0a3c230f8deac/common/images/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:29:29 GMT
Server: Apache
Location: http://fastdial.net/static/c725c
3c230f8deac/common/images/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.885. https://fastdial.net/static/styles/common/images/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1265d%0d%0a96f166a49d0 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1265d%0d%0a96f166a49d0/images/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1265d
96f166a49d0/images/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.886. https://fastdial.net/static/styles/common/images/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload cf43a%0d%0a32fb492b630 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/cf43a%0d%0a32fb492b630/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/cf43a
32fb492b630/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.887. https://fastdial.net/static/styles/common/images/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f11aa%0d%0a78fb75f1515 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/f11aa%0d%0a78fb75f1515/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:30:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/f11aa
78fb75f1515/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.888. https://fastdial.net/static/styles/common/images/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a420e%0d%0ad2e6931be8f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/a420e%0d%0ad2e6931be8f/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:31:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/a420e
d2e6931be8f/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.889. https://fastdial.net/static/styles/common/images/images/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 98eda%0d%0a0468ce89bb2 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/common/98eda%0d%0a0468ce89bb2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:31:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/common/98eda
0468ce89bb2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.890. https://fastdial.net/static/styles/common/images/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 66f79%0d%0ab7f10e0f232 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /66f79%0d%0ab7f10e0f232/styles/common/images/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:07 GMT
Server: Apache
Location: http://fastdial.net/66f79
b7f10e0f232/styles/common/images/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.891. https://fastdial.net/static/styles/common/images/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6cb89%0d%0a8f5e7d9cef9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6cb89%0d%0a8f5e7d9cef9/common/images/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:22 GMT
Server: Apache
Location: http://fastdial.net/static/6cb89
8f5e7d9cef9/common/images/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.892. https://fastdial.net/static/styles/common/images/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 27f91%0d%0ae2de2f3af2b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/27f91%0d%0ae2de2f3af2b/images/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/27f91
e2de2f3af2b/images/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.893. https://fastdial.net/static/styles/common/images/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e15c6%0d%0a68311eb68a7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/e15c6%0d%0a68311eb68a7/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:49 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/e15c6
68311eb68a7/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.894. https://fastdial.net/static/styles/common/images/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload aa765%0d%0a5de2586fbb8 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/aa765%0d%0a5de2586fbb8/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:35:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/aa765
5de2586fbb8/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.895. https://fastdial.net/static/styles/common/images/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d755b%0d%0a4e82cc7532 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/d755b%0d%0a4e82cc7532/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:35:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/d755b
4e82cc7532/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.896. https://fastdial.net/static/styles/common/images/images/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 40c71%0d%0aa4738de428a was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/images/40c71%0d%0aa4738de428a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:35:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/images/40c71
a4738de428a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.897. https://fastdial.net/static/styles/common/images/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 57738%0d%0a9863824eada was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /57738%0d%0a9863824eada/styles/common/images/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:17 GMT
Server: Apache
Location: http://fastdial.net/57738
9863824eada/styles/common/images/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.898. https://fastdial.net/static/styles/common/images/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2ec79%0d%0a1459fb7c1ab was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2ec79%0d%0a1459fb7c1ab/common/images/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:28 GMT
Server: Apache
Location: http://fastdial.net/static/2ec79
1459fb7c1ab/common/images/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.899. https://fastdial.net/static/styles/common/images/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 48661%0d%0aaf716e108f6 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/48661%0d%0aaf716e108f6/images/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/48661
af716e108f6/images/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.900. https://fastdial.net/static/styles/common/images/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d4d25%0d%0a687986bd2c0 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/d4d25%0d%0a687986bd2c0/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/d4d25
687986bd2c0/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.901. https://fastdial.net/static/styles/common/images/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1eced%0d%0a8ca31c16b34 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/1eced%0d%0a8ca31c16b34/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:35:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/1eced
8ca31c16b34/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.902. https://fastdial.net/static/styles/common/images/images/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 628d6%0d%0a4b38e5063b6 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/628d6%0d%0a4b38e5063b6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:35:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/628d6
4b38e5063b6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.903. https://fastdial.net/static/styles/common/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7b40f%0d%0a7a608705991 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7b40f%0d%0a7a608705991/styles/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:18:15 GMT
Server: Apache
Location: http://fastdial.net/7b40f
7a608705991/styles/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.904. https://fastdial.net/static/styles/common/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload be2b1%0d%0adfe24ed1b7b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/be2b1%0d%0adfe24ed1b7b/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:18:35 GMT
Server: Apache
Location: http://fastdial.net/static/be2b1
dfe24ed1b7b/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.905. https://fastdial.net/static/styles/common/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1d25f%0d%0a12ee27bf00b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1d25f%0d%0a12ee27bf00b/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:19:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1d25f
12ee27bf00b/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.906. https://fastdial.net/static/styles/common/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 83853%0d%0a82e7ad4454d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/83853%0d%0a82e7ad4454d/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:19:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/83853
82e7ad4454d/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.907. https://fastdial.net/static/styles/common/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3cd78%0d%0a95f0bd492ba was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/3cd78%0d%0a95f0bd492ba/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:19:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/3cd78
95f0bd492ba/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.908. https://fastdial.net/static/styles/common/images/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f0b95%0d%0a62400bc3c3f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f0b95%0d%0a62400bc3c3f/styles/common/images/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:33:48 GMT
Server: Apache
Location: http://fastdial.net/f0b95
62400bc3c3f/styles/common/images/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.909. https://fastdial.net/static/styles/common/images/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 577ed%0d%0af0e6e2d775a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/577ed%0d%0af0e6e2d775a/common/images/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:06 GMT
Server: Apache
Location: http://fastdial.net/static/577ed
f0e6e2d775a/common/images/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.910. https://fastdial.net/static/styles/common/images/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 4f8d7%0d%0af7cb71adce8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/4f8d7%0d%0af7cb71adce8/images/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/4f8d7
f7cb71adce8/images/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.911. https://fastdial.net/static/styles/common/images/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 699ba%0d%0a6e33684bc74 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/699ba%0d%0a6e33684bc74/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/699ba
6e33684bc74/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.912. https://fastdial.net/static/styles/common/images/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 87acc%0d%0a49e854acfab was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/87acc%0d%0a49e854acfab/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/87acc
49e854acfab/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.913. https://fastdial.net/static/styles/common/images/images/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d253e%0d%0a62f74ca3cc3 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/d253e%0d%0a62f74ca3cc3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:35:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/d253e
62f74ca3cc3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.914. https://fastdial.net/static/styles/common/images/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 14a62%0d%0ad92174c1191 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /14a62%0d%0ad92174c1191/styles/common/images/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:32:53 GMT
Server: Apache
Location: http://fastdial.net/14a62
d92174c1191/styles/common/images/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.915. https://fastdial.net/static/styles/common/images/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 74c10%0d%0ae2a5a75a1cc was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/74c10%0d%0ae2a5a75a1cc/common/images/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:33:06 GMT
Server: Apache
Location: http://fastdial.net/static/74c10
e2a5a75a1cc/common/images/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.916. https://fastdial.net/static/styles/common/images/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 37103%0d%0ac0ab438b8b1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/37103%0d%0ac0ab438b8b1/images/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:33:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/37103
c0ab438b8b1/images/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.917. https://fastdial.net/static/styles/common/images/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 486d7%0d%0a257a9cb0075 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/486d7%0d%0a257a9cb0075/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:33:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/486d7
257a9cb0075/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.918. https://fastdial.net/static/styles/common/images/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3acf9%0d%0a4768856b3f5 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/3acf9%0d%0a4768856b3f5/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:33:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/3acf9
4768856b3f5/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.919. https://fastdial.net/static/styles/common/images/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a9c0e%0d%0aea716a16deb was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/a9c0e%0d%0aea716a16deb/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/a9c0e
ea716a16deb/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.920. https://fastdial.net/static/styles/common/images/images/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 9477e%0d%0a5c4761e8b9b was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/styles/9477e%0d%0a5c4761e8b9b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/styles/9477e
5c4761e8b9b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.921. https://fastdial.net/static/styles/common/images/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7e510%0d%0ab126a82ea4f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7e510%0d%0ab126a82ea4f/styles/common/images/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:32:57 GMT
Server: Apache
Location: http://fastdial.net/7e510
b126a82ea4f/styles/common/images/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.922. https://fastdial.net/static/styles/common/images/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a70f3%0d%0a12f896b92fd was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a70f3%0d%0a12f896b92fd/common/images/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:33:11 GMT
Server: Apache
Location: http://fastdial.net/static/a70f3
12f896b92fd/common/images/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.923. https://fastdial.net/static/styles/common/images/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 66f76%0d%0a7e46fb63c1f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/66f76%0d%0a7e46fb63c1f/images/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:33:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/66f76
7e46fb63c1f/images/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.924. https://fastdial.net/static/styles/common/images/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload eefe0%0d%0a067fe98fa7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/eefe0%0d%0a067fe98fa7/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:33:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/eefe0
067fe98fa7/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.925. https://fastdial.net/static/styles/common/images/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a11e5%0d%0a67a40d829b3 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/a11e5%0d%0a67a40d829b3/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:33:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/a11e5
67a40d829b3/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.926. https://fastdial.net/static/styles/common/images/images/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload c9d7f%0d%0a3c0335b2ac9 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/images/c9d7f%0d%0a3c0335b2ac9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:34:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/images/c9d7f
3c0335b2ac9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.927. https://fastdial.net/static/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 882f3%0d%0a421840b7a5 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /882f3%0d%0a421840b7a5/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:16:17 GMT
Server: Apache
Location: http://fastdial.net/882f3
421840b7a5/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.928. https://fastdial.net/static/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b1e5e%0d%0aed81d46ebbd was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b1e5e%0d%0aed81d46ebbd/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:16:41 GMT
Server: Apache
Location: http://fastdial.net/static/b1e5e
ed81d46ebbd/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.929. https://fastdial.net/static/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1ee0a%0d%0a384842fa4f7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1ee0a%0d%0a384842fa4f7/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:17:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1ee0a
384842fa4f7/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.930. https://fastdial.net/static/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 31f67%0d%0aa8ba2adf797 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/31f67%0d%0aa8ba2adf797/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:17:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/31f67
a8ba2adf797/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.931. https://fastdial.net/static/styles/common/images/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b9c1d%0d%0ab97ff80ebcc was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b9c1d%0d%0ab97ff80ebcc/styles/common/images/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:58 GMT
Server: Apache
Location: http://fastdial.net/b9c1d
b97ff80ebcc/styles/common/images/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.932. https://fastdial.net/static/styles/common/images/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 89892%0d%0a0a34e9515fe was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/89892%0d%0a0a34e9515fe/common/images/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:26:50 GMT
Server: Apache
Location: http://fastdial.net/static/89892
0a34e9515fe/common/images/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.933. https://fastdial.net/static/styles/common/images/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b438f%0d%0a28f39c99a76 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b438f%0d%0a28f39c99a76/images/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b438f
28f39c99a76/images/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.934. https://fastdial.net/static/styles/common/images/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4f243%0d%0a09592cfc219 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/4f243%0d%0a09592cfc219/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/4f243
09592cfc219/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.935. https://fastdial.net/static/styles/common/images/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4a747%0d%0ace8dff0ec8d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/4a747%0d%0ace8dff0ec8d/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/4a747
ce8dff0ec8d/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.936. https://fastdial.net/static/styles/common/images/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 318b7%0d%0a8de57894385 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/scripts/318b7%0d%0a8de57894385/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/scripts/318b7
8de57894385/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.937. https://fastdial.net/static/styles/common/images/scripts/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload f2186%0d%0a604333b1c6b was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/scripts/images/f2186%0d%0a604333b1c6b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:28:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/scripts/images/f2186
604333b1c6b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.938. https://fastdial.net/static/styles/common/images/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1a346%0d%0a13962d15e28 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1a346%0d%0a13962d15e28/styles/common/images/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:23 GMT
Server: Apache
Location: http://fastdial.net/1a346
13962d15e28/styles/common/images/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.939. https://fastdial.net/static/styles/common/images/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 78248%0d%0a518ca9bbbc3 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/78248%0d%0a518ca9bbbc3/common/images/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:41 GMT
Server: Apache
Location: http://fastdial.net/static/78248
518ca9bbbc3/common/images/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.940. https://fastdial.net/static/styles/common/images/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload fcebe%0d%0acaf3f960d75 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/fcebe%0d%0acaf3f960d75/images/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/fcebe
caf3f960d75/images/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.941. https://fastdial.net/static/styles/common/images/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 57826%0d%0a0be905f73a2 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/57826%0d%0a0be905f73a2/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:28:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/57826
0be905f73a2/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.942. https://fastdial.net/static/styles/common/images/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a7cd3%0d%0a1d6a3c7ae was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/a7cd3%0d%0a1d6a3c7ae/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:28:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/a7cd3
1d6a3c7ae/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.943. https://fastdial.net/static/styles/common/images/scripts/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1d1fb%0d%0a029c3c7f0c3 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/scripts/1d1fb%0d%0a029c3c7f0c3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:28:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/scripts/1d1fb
029c3c7f0c3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.944. https://fastdial.net/static/styles/common/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 47340%0d%0a65c186b54b1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /47340%0d%0a65c186b54b1/styles/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:15:55 GMT
Server: Apache
Location: http://fastdial.net/47340
65c186b54b1/styles/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.945. https://fastdial.net/static/styles/common/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 416bb%0d%0aab5c51d9c48 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/416bb%0d%0aab5c51d9c48/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:16:08 GMT
Server: Apache
Location: http://fastdial.net/static/416bb
ab5c51d9c48/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.946. https://fastdial.net/static/styles/common/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 4c7c3%0d%0abc3ca0b8822 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/4c7c3%0d%0abc3ca0b8822/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:16:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/4c7c3
bc3ca0b8822/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.947. https://fastdial.net/static/styles/common/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6b86e%0d%0ab5f748f5c88 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/6b86e%0d%0ab5f748f5c88/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:17:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/6b86e
b5f748f5c88/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.948. https://fastdial.net/static/styles/common/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload dd674%0d%0a758425a4f7f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/dd674%0d%0a758425a4f7f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:17:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/dd674
758425a4f7f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.949. https://fastdial.net/static/styles/common/images/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload feddd%0d%0a2988f00e05f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /feddd%0d%0a2988f00e05f/styles/common/images/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:27 GMT
Server: Apache
Location: http://fastdial.net/feddd
2988f00e05f/styles/common/images/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.950. https://fastdial.net/static/styles/common/images/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ca4b7%0d%0a4d3c4cd0865 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ca4b7%0d%0a4d3c4cd0865/common/images/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:43 GMT
Server: Apache
Location: http://fastdial.net/static/ca4b7
4d3c4cd0865/common/images/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.951. https://fastdial.net/static/styles/common/images/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 17b26%0d%0ac1b12428de0 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/17b26%0d%0ac1b12428de0/images/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/17b26
c1b12428de0/images/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.952. https://fastdial.net/static/styles/common/images/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 32596%0d%0a0c8fcc0b90f was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/32596%0d%0a0c8fcc0b90f/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:26:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/32596
0c8fcc0b90f/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.953. https://fastdial.net/static/styles/common/images/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a11ff%0d%0a49c973f5145 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/a11ff%0d%0a49c973f5145/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/a11ff
49c973f5145/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.954. https://fastdial.net/static/styles/common/images/scripts/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 5d132%0d%0a5a85c717212 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/scripts/5d132%0d%0a5a85c717212/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/scripts/5d132
5a85c717212/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.955. https://fastdial.net/static/styles/common/images/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5f8ca%0d%0a031b73fb237 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5f8ca%0d%0a031b73fb237/styles/common/images/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:10 GMT
Server: Apache
Location: http://fastdial.net/5f8ca
031b73fb237/styles/common/images/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.956. https://fastdial.net/static/styles/common/images/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7c6cf%0d%0af238f237e28 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7c6cf%0d%0af238f237e28/common/images/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:25 GMT
Server: Apache
Location: http://fastdial.net/static/7c6cf
f238f237e28/common/images/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.957. https://fastdial.net/static/styles/common/images/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload eeb1e%0d%0a632745f17d9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/eeb1e%0d%0a632745f17d9/images/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/eeb1e
632745f17d9/images/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.958. https://fastdial.net/static/styles/common/images/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a2c43%0d%0a3b4bfd8658f was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/a2c43%0d%0a3b4bfd8658f/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/a2c43
3b4bfd8658f/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.959. https://fastdial.net/static/styles/common/images/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload dbaff%0d%0a660aee36f7d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/dbaff%0d%0a660aee36f7d/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:26:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/dbaff
660aee36f7d/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.960. https://fastdial.net/static/styles/common/images/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload aec64%0d%0aabf88a0e852 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/scripts/aec64%0d%0aabf88a0e852/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/scripts/aec64
abf88a0e852/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.961. https://fastdial.net/static/styles/common/images/scripts/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 171af%0d%0a6636679aad2 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/scripts/styles/171af%0d%0a6636679aad2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/scripts/styles/171af
6636679aad2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.962. https://fastdial.net/static/styles/common/images/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e20e3%0d%0aa512668625a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e20e3%0d%0aa512668625a/styles/common/images/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:11 GMT
Server: Apache
Location: http://fastdial.net/e20e3
a512668625a/styles/common/images/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.963. https://fastdial.net/static/styles/common/images/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ab73f%0d%0a75d2d448c5b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ab73f%0d%0a75d2d448c5b/common/images/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:26 GMT
Server: Apache
Location: http://fastdial.net/static/ab73f
75d2d448c5b/common/images/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.964. https://fastdial.net/static/styles/common/images/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload aad49%0d%0aa6d8b739fe8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/aad49%0d%0aa6d8b739fe8/images/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/aad49
a6d8b739fe8/images/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.965. https://fastdial.net/static/styles/common/images/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 538b9%0d%0ae46b50c639b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/538b9%0d%0ae46b50c639b/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:26:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/538b9
e46b50c639b/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.966. https://fastdial.net/static/styles/common/images/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b8149%0d%0a4646681f479 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/b8149%0d%0a4646681f479/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/b8149
4646681f479/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.967. https://fastdial.net/static/styles/common/images/scripts/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 14aaa%0d%0ae86db99c3e6 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/scripts/14aaa%0d%0ae86db99c3e6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:27:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/scripts/14aaa
e86db99c3e6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.968. https://fastdial.net/static/styles/common/images/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f191a%0d%0ad86281e6314 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f191a%0d%0ad86281e6314/styles/common/images/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:04 GMT
Server: Apache
Location: http://fastdial.net/f191a
d86281e6314/styles/common/images/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.969. https://fastdial.net/static/styles/common/images/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 89ac9%0d%0ac73b4c0b2ae was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/89ac9%0d%0ac73b4c0b2ae/common/images/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:21 GMT
Server: Apache
Location: http://fastdial.net/static/89ac9
c73b4c0b2ae/common/images/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.970. https://fastdial.net/static/styles/common/images/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 13f79%0d%0a5b3d21d28c8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/13f79%0d%0a5b3d21d28c8/images/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/13f79
5b3d21d28c8/images/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.971. https://fastdial.net/static/styles/common/images/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c427c%0d%0af3f58531ffb was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/c427c%0d%0af3f58531ffb/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/c427c
f3f58531ffb/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.972. https://fastdial.net/static/styles/common/images/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c6287%0d%0a3b1b48a5611 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/c6287%0d%0a3b1b48a5611/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:20:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/c6287
3b1b48a5611/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.973. https://fastdial.net/static/styles/common/images/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload ecf03%0d%0a16c42ff0078 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/ecf03%0d%0a16c42ff0078/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:20:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/ecf03
16c42ff0078/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.974. https://fastdial.net/static/styles/common/images/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload a6e00%0d%0acd2f95a69cc was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/common/a6e00%0d%0acd2f95a69cc/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:20:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/common/a6e00
cd2f95a69cc/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.975. https://fastdial.net/static/styles/common/images/styles/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 8e558%0d%0a740b19d7579 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/common/images/8e558%0d%0a740b19d7579/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:20:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/common/images/8e558
740b19d7579/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.976. https://fastdial.net/static/styles/common/images/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5bab8%0d%0a7a3b007f332 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5bab8%0d%0a7a3b007f332/styles/common/images/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:21:32 GMT
Server: Apache
Location: http://fastdial.net/5bab8
7a3b007f332/styles/common/images/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.977. https://fastdial.net/static/styles/common/images/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 9e3c5%0d%0aa0e4d6bfc30 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/9e3c5%0d%0aa0e4d6bfc30/common/images/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:21:47 GMT
Server: Apache
Location: http://fastdial.net/static/9e3c5
a0e4d6bfc30/common/images/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.978. https://fastdial.net/static/styles/common/images/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a22b8%0d%0a7e6c99851f2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a22b8%0d%0a7e6c99851f2/images/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a22b8
7e6c99851f2/images/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.979. https://fastdial.net/static/styles/common/images/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 44131%0d%0aeb46518e188 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/44131%0d%0aeb46518e188/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/44131
eb46518e188/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.980. https://fastdial.net/static/styles/common/images/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e7450%0d%0ab76f655a632 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/e7450%0d%0ab76f655a632/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/e7450
b76f655a632/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.981. https://fastdial.net/static/styles/common/images/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d0f3b%0d%0a6925fa00731 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/d0f3b%0d%0a6925fa00731/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/d0f3b
6925fa00731/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.982. https://fastdial.net/static/styles/common/images/styles/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 6dac3%0d%0a111a9442110 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/common/6dac3%0d%0a111a9442110/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/common/6dac3
111a9442110/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.983. https://fastdial.net/static/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a0e3c%0d%0a3cb13a254c5 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a0e3c%0d%0a3cb13a254c5/styles/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:13:46 GMT
Server: Apache
Location: http://fastdial.net/a0e3c
3cb13a254c5/styles/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.984. https://fastdial.net/static/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 40305%0d%0a051af250336 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/40305%0d%0a051af250336/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:14:01 GMT
Server: Apache
Location: http://fastdial.net/static/40305
051af250336/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.985. https://fastdial.net/static/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 4d75e%0d%0af707b3faf52 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/4d75e%0d%0af707b3faf52/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:14:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/4d75e
f707b3faf52/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.986. https://fastdial.net/static/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 74a46%0d%0a64cd81e3999 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/74a46%0d%0a64cd81e3999/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:14:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/74a46
64cd81e3999/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.987. https://fastdial.net/static/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4a629%0d%0a63bc797e97f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/4a629%0d%0a63bc797e97f/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:15:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/4a629
63bc797e97f/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.988. https://fastdial.net/static/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 35c22%0d%0a2851f954e7e was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/35c22%0d%0a2851f954e7e/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:15:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/35c22
2851f954e7e/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.989. https://fastdial.net/static/styles/common/images/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 45244%0d%0a26e1ff717a3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /45244%0d%0a26e1ff717a3/styles/common/images/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:18:21 GMT
Server: Apache
Location: http://fastdial.net/45244
26e1ff717a3/styles/common/images/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.990. https://fastdial.net/static/styles/common/images/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4cceb%0d%0a496e1fd410c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4cceb%0d%0a496e1fd410c/common/images/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:03 GMT
Server: Apache
Location: http://fastdial.net/static/4cceb
496e1fd410c/common/images/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.991. https://fastdial.net/static/styles/common/images/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f4d54%0d%0a73f49c4934f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f4d54%0d%0a73f49c4934f/images/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f4d54
73f49c4934f/images/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.992. https://fastdial.net/static/styles/common/images/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e5a1c%0d%0a4c90ecb47a1 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/e5a1c%0d%0a4c90ecb47a1/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/e5a1c
4c90ecb47a1/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.993. https://fastdial.net/static/styles/common/images/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 9f50c%0d%0aaf11cc284b5 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/9f50c%0d%0aaf11cc284b5/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/9f50c
af11cc284b5/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.994. https://fastdial.net/static/styles/common/images/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 52352%0d%0a87bc8910aa4 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/52352%0d%0a87bc8910aa4/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:20:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/52352
87bc8910aa4/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.995. https://fastdial.net/static/styles/common/images/styles/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 7853e%0d%0a8388ea4e043 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/common/7853e%0d%0a8388ea4e043/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:20:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/common/7853e
8388ea4e043/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.996. https://fastdial.net/static/styles/common/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b2f64%0d%0a8f6143cb8e3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b2f64%0d%0a8f6143cb8e3/styles/common/images/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:17:55 GMT
Server: Apache
Location: http://fastdial.net/b2f64
8f6143cb8e3/styles/common/images/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.997. https://fastdial.net/static/styles/common/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 71182%0d%0a6eb13f9de6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/71182%0d%0a6eb13f9de6/common/images/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:18:09 GMT
Server: Apache
Location: http://fastdial.net/static/71182
6eb13f9de6/common/images/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.998. https://fastdial.net/static/styles/common/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 7ec22%0d%0a344c59784d0 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/7ec22%0d%0a344c59784d0/images/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:18:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/7ec22
344c59784d0/images/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.999. https://fastdial.net/static/styles/common/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a3854%0d%0a88d3ddf2139 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/a3854%0d%0a88d3ddf2139/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/a3854
88d3ddf2139/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1000. https://fastdial.net/static/styles/common/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 74e28%0d%0ad8f4f8a363 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/74e28%0d%0ad8f4f8a363/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/74e28
d8f4f8a363/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1001. https://fastdial.net/static/styles/common/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload ac7de%0d%0a8df89f359f8 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/ac7de%0d%0a8df89f359f8/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/ac7de
8df89f359f8/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1002. https://fastdial.net/static/styles/common/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d01af%0d%0ab49e305cd4b was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/common/d01af%0d%0ab49e305cd4b/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/common/d01af
b49e305cd4b/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1003. https://fastdial.net/static/styles/common/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 26bcf%0d%0a0053aee662 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/common/styles/26bcf%0d%0a0053aee662/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:20:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/common/styles/26bcf
0053aee662/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1004. https://fastdial.net/static/styles/common/images/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 463cb%0d%0a5da0d0334ab was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /463cb%0d%0a5da0d0334ab/styles/common/images/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:18:02 GMT
Server: Apache
Location: http://fastdial.net/463cb
5da0d0334ab/styles/common/images/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1005. https://fastdial.net/static/styles/common/images/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2b7c5%0d%0aaca8d7f8dda was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2b7c5%0d%0aaca8d7f8dda/common/images/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:18:16 GMT
Server: Apache
Location: http://fastdial.net/static/2b7c5
aca8d7f8dda/common/images/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1006. https://fastdial.net/static/styles/common/images/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 50df0%0d%0ae33e9c28838 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/50df0%0d%0ae33e9c28838/images/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:18:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/50df0
e33e9c28838/images/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1007. https://fastdial.net/static/styles/common/images/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 59bb4%0d%0a26bd8de2689 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/59bb4%0d%0a26bd8de2689/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/59bb4
26bd8de2689/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1008. https://fastdial.net/static/styles/common/images/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3d1d2%0d%0a6bd44ed2cb9 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/3d1d2%0d%0a6bd44ed2cb9/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/3d1d2
6bd44ed2cb9/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1009. https://fastdial.net/static/styles/common/images/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload e4521%0d%0ae5e526fbc05 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/e4521%0d%0ae5e526fbc05/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/e4521
e5e526fbc05/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1010. https://fastdial.net/static/styles/common/images/styles/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 5d0d0%0d%0ae7998ba273d was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/common/5d0d0%0d%0ae7998ba273d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:19:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/common/5d0d0
e7998ba273d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1011. https://fastdial.net/static/styles/common/images/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload dd385%0d%0ac7e2a2fb014 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /dd385%0d%0ac7e2a2fb014/styles/common/images/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:37 GMT
Server: Apache
Location: http://fastdial.net/dd385
c7e2a2fb014/styles/common/images/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1012. https://fastdial.net/static/styles/common/images/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c2447%0d%0aa078d635c3b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c2447%0d%0aa078d635c3b/common/images/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:52 GMT
Server: Apache
Location: http://fastdial.net/static/c2447
a078d635c3b/common/images/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1013. https://fastdial.net/static/styles/common/images/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 43110%0d%0a74334ee1947 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/43110%0d%0a74334ee1947/images/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:23:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/43110
74334ee1947/images/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1014. https://fastdial.net/static/styles/common/images/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6bc24%0d%0a72bca6d6a1d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/6bc24%0d%0a72bca6d6a1d/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:23:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/6bc24
72bca6d6a1d/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1015. https://fastdial.net/static/styles/common/images/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e2318%0d%0aaf1f42035ca was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/e2318%0d%0aaf1f42035ca/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:23:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/e2318
af1f42035ca/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1016. https://fastdial.net/static/styles/common/images/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a4a92%0d%0a1f8fb518579 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/a4a92%0d%0a1f8fb518579/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:23:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/a4a92
1f8fb518579/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1017. https://fastdial.net/static/styles/common/images/styles/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 5e353%0d%0af6d768813b1 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/images/5e353%0d%0af6d768813b1/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:24:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/images/5e353
f6d768813b1/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1018. https://fastdial.net/static/styles/common/images/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload eb07d%0d%0ab6cdeb90bcb was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /eb07d%0d%0ab6cdeb90bcb/styles/common/images/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:24:35 GMT
Server: Apache
Location: http://fastdial.net/eb07d
b6cdeb90bcb/styles/common/images/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1019. https://fastdial.net/static/styles/common/images/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c767d%0d%0a2859352e765 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c767d%0d%0a2859352e765/common/images/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:24:50 GMT
Server: Apache
Location: http://fastdial.net/static/c767d
2859352e765/common/images/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1020. https://fastdial.net/static/styles/common/images/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 3d541%0d%0ae84514769ac was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/3d541%0d%0ae84514769ac/images/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/3d541
e84514769ac/images/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1021. https://fastdial.net/static/styles/common/images/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 633ff%0d%0a4a08d1ac28d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/633ff%0d%0a4a08d1ac28d/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/633ff
4a08d1ac28d/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1022. https://fastdial.net/static/styles/common/images/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a5de0%0d%0a24ac27dd04c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/a5de0%0d%0a24ac27dd04c/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/a5de0
24ac27dd04c/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1023. https://fastdial.net/static/styles/common/images/styles/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b3ce8%0d%0a7aa6af57ec0 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/b3ce8%0d%0a7aa6af57ec0/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:25:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/b3ce8
7aa6af57ec0/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1024. https://fastdial.net/static/styles/common/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 414a0%0d%0a67234e6a36 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /414a0%0d%0a67234e6a36/styles/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:15:14 GMT
Server: Apache
Location: http://fastdial.net/414a0
67234e6a36/styles/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1025. https://fastdial.net/static/styles/common/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3d96c%0d%0ace9fda9ea73 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3d96c%0d%0ace9fda9ea73/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:15:35 GMT
Server: Apache
Location: http://fastdial.net/static/3d96c
ce9fda9ea73/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1026. https://fastdial.net/static/styles/common/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 94139%0d%0a6f3f5502c91 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/94139%0d%0a6f3f5502c91/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:15:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/94139
6f3f5502c91/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1027. https://fastdial.net/static/styles/common/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4a250%0d%0af1d8561c840 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/4a250%0d%0af1d8561c840/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:16:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/4a250
f1d8561c840/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1028. https://fastdial.net/static/styles/common/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload d61d9%0d%0aa53008de46f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/d61d9%0d%0aa53008de46f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:16:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/d61d9
a53008de46f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1029. https://fastdial.net/static/styles/common/images/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ab216%0d%0a516fa6e605f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ab216%0d%0a516fa6e605f/styles/common/images/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:34 GMT
Server: Apache
Location: http://fastdial.net/ab216
516fa6e605f/styles/common/images/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1030. https://fastdial.net/static/styles/common/images/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3c329%0d%0aab28920fbd6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3c329%0d%0aab28920fbd6/common/images/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:45 GMT
Server: Apache
Location: http://fastdial.net/static/3c329
ab28920fbd6/common/images/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1031. https://fastdial.net/static/styles/common/images/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 6afc7%0d%0ac472a836630 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/6afc7%0d%0ac472a836630/images/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:23:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/6afc7
c472a836630/images/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1032. https://fastdial.net/static/styles/common/images/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 247b9%0d%0af6c608ccc1f was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/247b9%0d%0af6c608ccc1f/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:23:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/247b9
f6c608ccc1f/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1033. https://fastdial.net/static/styles/common/images/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6a680%0d%0a1d8aca7abb3 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/6a680%0d%0a1d8aca7abb3/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:23:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/6a680
1d8aca7abb3/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1034. https://fastdial.net/static/styles/common/images/styles/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload e24de%0d%0af0402d7630a was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/e24de%0d%0af0402d7630a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:23:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/e24de
f0402d7630a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1035. https://fastdial.net/static/styles/common/images/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fe7f9%0d%0a29328135df8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fe7f9%0d%0a29328135df8/styles/common/images/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:21:54 GMT
Server: Apache
Location: http://fastdial.net/fe7f9
29328135df8/styles/common/images/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1036. https://fastdial.net/static/styles/common/images/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b16c8%0d%0a18485508945 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b16c8%0d%0a18485508945/common/images/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:05 GMT
Server: Apache
Location: http://fastdial.net/static/b16c8
18485508945/common/images/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1037. https://fastdial.net/static/styles/common/images/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 6d759%0d%0a5190732a650 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/6d759%0d%0a5190732a650/images/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/6d759
5190732a650/images/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1038. https://fastdial.net/static/styles/common/images/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload ac2bb%0d%0a7ec23cc3ea4 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/ac2bb%0d%0a7ec23cc3ea4/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/ac2bb
7ec23cc3ea4/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1039. https://fastdial.net/static/styles/common/images/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c0281%0d%0a97ce74a1450 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/c0281%0d%0a97ce74a1450/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/c0281
97ce74a1450/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1040. https://fastdial.net/static/styles/common/images/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 98347%0d%0aeb42ac90ea4 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/98347%0d%0aeb42ac90ea4/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:23:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/98347
eb42ac90ea4/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1041. https://fastdial.net/static/styles/common/images/styles/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 82b7e%0d%0a7afd0147981 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/styles/82b7e%0d%0a7afd0147981/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:23:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/styles/82b7e
7afd0147981/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1042. https://fastdial.net/static/styles/common/images/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ca110%0d%0a742d4a45164 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ca110%0d%0a742d4a45164/styles/common/images/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:21:56 GMT
Server: Apache
Location: http://fastdial.net/ca110
742d4a45164/styles/common/images/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1043. https://fastdial.net/static/styles/common/images/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 829df%0d%0af10718892d2 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/829df%0d%0af10718892d2/common/images/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:14 GMT
Server: Apache
Location: http://fastdial.net/static/829df
f10718892d2/common/images/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1044. https://fastdial.net/static/styles/common/images/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1c356%0d%0afef352f1965 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1c356%0d%0afef352f1965/images/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1c356
fef352f1965/images/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1045. https://fastdial.net/static/styles/common/images/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 93a09%0d%0af3f4317a225 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/93a09%0d%0af3f4317a225/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/93a09
f3f4317a225/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1046. https://fastdial.net/static/styles/common/images/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload bb652%0d%0a47fd9ae1ac was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/bb652%0d%0a47fd9ae1ac/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:22:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/bb652
47fd9ae1ac/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1047. https://fastdial.net/static/styles/common/images/styles/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1dfbc%0d%0aadbb24b0314 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/images/styles/1dfbc%0d%0aadbb24b0314/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:23:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/images/styles/1dfbc
adbb24b0314/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1048. https://fastdial.net/static/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6bca7%0d%0a19e4b3c77cf was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6bca7%0d%0a19e4b3c77cf/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=7A224075-168F-0FBB-9548-9424971700FB;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:05:55 GMT
Server: Apache
Location: http://fastdial.net/6bca7
19e4b3c77cf/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1049. https://fastdial.net/static/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 83b1a%0d%0a7e073ca947a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/83b1a%0d%0a7e073ca947a/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=7A224075-168F-0FBB-9548-9424971700FB;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:06:56 GMT
Server: Apache
Location: http://fastdial.net/static/83b1a
7e073ca947a/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1050. https://fastdial.net/static/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload dc871%0d%0a8d87156ad13 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/dc871%0d%0a8d87156ad13/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=7A224075-168F-0FBB-9548-9424971700FB;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:07:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/dc871
8d87156ad13/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1051. https://fastdial.net/static/styles/common/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7a608%0d%0a097ee39cce4 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7a608%0d%0a097ee39cce4/styles/common/scripts/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:25 GMT
Server: Apache
Location: http://fastdial.net/7a608
097ee39cce4/styles/common/scripts/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1052. https://fastdial.net/static/styles/common/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a3104%0d%0a51d2ef38a3f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a3104%0d%0a51d2ef38a3f/common/scripts/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:41 GMT
Server: Apache
Location: http://fastdial.net/static/a3104
51d2ef38a3f/common/scripts/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1053. https://fastdial.net/static/styles/common/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bb10e%0d%0a41d64a5559 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/bb10e%0d%0a41d64a5559/scripts/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/bb10e
41d64a5559/scripts/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1054. https://fastdial.net/static/styles/common/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload dee2b%0d%0a289167b01a3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/dee2b%0d%0a289167b01a3/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:43:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/dee2b
289167b01a3/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1055. https://fastdial.net/static/styles/common/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 78f64%0d%0a89e47234b9 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/78f64%0d%0a89e47234b9/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:43:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/78f64
89e47234b9/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1056. https://fastdial.net/static/styles/common/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 367ba%0d%0aa73a5a8fe42 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/367ba%0d%0aa73a5a8fe42/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:43:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/367ba
a73a5a8fe42/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1057. https://fastdial.net/static/styles/common/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 2a78e%0d%0a2b83511efa8 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/common/2a78e%0d%0a2b83511efa8/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:44:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/common/2a78e
2b83511efa8/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1058. https://fastdial.net/static/styles/common/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 5bb88%0d%0af21c227b06f was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/common/images/5bb88%0d%0af21c227b06f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:44:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/common/images/5bb88
f21c227b06f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1059. https://fastdial.net/static/styles/common/scripts/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 20207%0d%0affe6f42c123 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /20207%0d%0affe6f42c123/styles/common/scripts/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:44:19 GMT
Server: Apache
Location: http://fastdial.net/20207
ffe6f42c123/styles/common/scripts/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1060. https://fastdial.net/static/styles/common/scripts/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d1e8d%0d%0a17441934614 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d1e8d%0d%0a17441934614/common/scripts/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:44:35 GMT
Server: Apache
Location: http://fastdial.net/static/d1e8d
17441934614/common/scripts/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1061. https://fastdial.net/static/styles/common/scripts/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 6e0ff%0d%0a4d4e74ea854 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/6e0ff%0d%0a4d4e74ea854/scripts/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:45:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/6e0ff
4d4e74ea854/scripts/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1062. https://fastdial.net/static/styles/common/scripts/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 70841%0d%0ae41c18d1ca was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/70841%0d%0ae41c18d1ca/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:45:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/70841
e41c18d1ca/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1063. https://fastdial.net/static/styles/common/scripts/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1bc95%0d%0a0fb783c0f12 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/1bc95%0d%0a0fb783c0f12/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:46:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/1bc95
0fb783c0f12/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1064. https://fastdial.net/static/styles/common/scripts/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d5644%0d%0a79a9dd498d5 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/d5644%0d%0a79a9dd498d5/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:46:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/d5644
79a9dd498d5/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1065. https://fastdial.net/static/styles/common/scripts/images/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d748e%0d%0a5cae293500d was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/common/d748e%0d%0a5cae293500d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:46:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/common/d748e
5cae293500d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1066. https://fastdial.net/static/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload d22f2%0d%0a238569052a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /d22f2%0d%0a238569052a/styles/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:03:30 GMT
Server: Apache
Location: http://fastdial.net/d22f2
238569052a/styles/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1067. https://fastdial.net/static/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4969b%0d%0add60c0e0a4e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4969b%0d%0add60c0e0a4e/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:50 GMT
Server: Apache
Location: http://fastdial.net/static/4969b
dd60c0e0a4e/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1068. https://fastdial.net/static/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 7db25%0d%0a81fa8fd7c42 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/7db25%0d%0a81fa8fd7c42/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/7db25
81fa8fd7c42/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1069. https://fastdial.net/static/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1760f%0d%0ac00a2ae88e was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/1760f%0d%0ac00a2ae88e/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:05:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/1760f
c00a2ae88e/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1070. https://fastdial.net/static/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1d728%0d%0ab45a0c2878 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/1d728%0d%0ab45a0c2878/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:05:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/1d728
b45a0c2878/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1071. https://fastdial.net/static/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a53bc%0d%0aa99e36826ac was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/a53bc%0d%0aa99e36826ac/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:06:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/a53bc
a99e36826ac/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1072. https://fastdial.net/static/styles/common/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b5d7f%0d%0a9330cd32698 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b5d7f%0d%0a9330cd32698/styles/common/scripts/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:41:48 GMT
Server: Apache
Location: http://fastdial.net/b5d7f
9330cd32698/styles/common/scripts/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1073. https://fastdial.net/static/styles/common/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2be77%0d%0acf425cdc80c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2be77%0d%0acf425cdc80c/common/scripts/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:01 GMT
Server: Apache
Location: http://fastdial.net/static/2be77
cf425cdc80c/common/scripts/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1074. https://fastdial.net/static/styles/common/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 115c0%0d%0a3881429c96e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/115c0%0d%0a3881429c96e/scripts/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/115c0
3881429c96e/scripts/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1075. https://fastdial.net/static/styles/common/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c292e%0d%0a11adc3cf29a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/c292e%0d%0a11adc3cf29a/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/c292e
11adc3cf29a/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1076. https://fastdial.net/static/styles/common/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload d3679%0d%0aa1703b845db was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/d3679%0d%0aa1703b845db/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:43:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/d3679
a1703b845db/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1077. https://fastdial.net/static/styles/common/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 76080%0d%0a0028f68abdb was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/76080%0d%0a0028f68abdb/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:43:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/76080
0028f68abdb/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1078. https://fastdial.net/static/styles/common/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 14b42%0d%0a83a18e2bddc was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/common/14b42%0d%0a83a18e2bddc/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:43:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/common/14b42
83a18e2bddc/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1079. https://fastdial.net/static/styles/common/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c1cc2%0d%0aadb5ccd37f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c1cc2%0d%0aadb5ccd37f/styles/common/scripts/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:41:28 GMT
Server: Apache
Location: http://fastdial.net/c1cc2
adb5ccd37f/styles/common/scripts/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1080. https://fastdial.net/static/styles/common/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4d9e5%0d%0aee0f330b49a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4d9e5%0d%0aee0f330b49a/common/scripts/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:41:43 GMT
Server: Apache
Location: http://fastdial.net/static/4d9e5
ee0f330b49a/common/scripts/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1081. https://fastdial.net/static/styles/common/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 6c32d%0d%0ab0a196ee702 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/6c32d%0d%0ab0a196ee702/scripts/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/6c32d
b0a196ee702/scripts/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1082. https://fastdial.net/static/styles/common/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2174a%0d%0a36d13362649 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/2174a%0d%0a36d13362649/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/2174a
36d13362649/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1083. https://fastdial.net/static/styles/common/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1d1ef%0d%0a8d2e3db9bc8 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/1d1ef%0d%0a8d2e3db9bc8/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/1d1ef
8d2e3db9bc8/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1084. https://fastdial.net/static/styles/common/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 5cce5%0d%0a35a51af422f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/5cce5%0d%0a35a51af422f/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/5cce5
35a51af422f/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1085. https://fastdial.net/static/styles/common/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload e96ca%0d%0a7b3b1aa975c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/common/e96ca%0d%0a7b3b1aa975c/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:43:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/common/e96ca
7b3b1aa975c/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1086. https://fastdial.net/static/styles/common/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload d437b%0d%0afc887718350 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/common/styles/d437b%0d%0afc887718350/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:43:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/common/styles/d437b
fc887718350/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1087. https://fastdial.net/static/styles/common/scripts/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload cd3b8%0d%0aea1438f7462 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /cd3b8%0d%0aea1438f7462/styles/common/scripts/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:41:37 GMT
Server: Apache
Location: http://fastdial.net/cd3b8
ea1438f7462/styles/common/scripts/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1088. https://fastdial.net/static/styles/common/scripts/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 47092%0d%0a8ff1b213534 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/47092%0d%0a8ff1b213534/common/scripts/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:41:56 GMT
Server: Apache
Location: http://fastdial.net/static/47092
8ff1b213534/common/scripts/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1089. https://fastdial.net/static/styles/common/scripts/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload faf05%0d%0a19724d2f606 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/faf05%0d%0a19724d2f606/scripts/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/faf05
19724d2f606/scripts/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1090. https://fastdial.net/static/styles/common/scripts/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 28463%0d%0abcb1207882a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/28463%0d%0abcb1207882a/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/28463
bcb1207882a/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1091. https://fastdial.net/static/styles/common/scripts/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 28ac8%0d%0a2d671599cf7 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/28ac8%0d%0a2d671599cf7/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:43:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/28ac8
2d671599cf7/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1092. https://fastdial.net/static/styles/common/scripts/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload c03de%0d%0a63a9a2bf2a9 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/c03de%0d%0a63a9a2bf2a9/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:43:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/c03de
63a9a2bf2a9/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1093. https://fastdial.net/static/styles/common/scripts/images/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload ee4e1%0d%0afbdf4494a6b was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/common/ee4e1%0d%0afbdf4494a6b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:43:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/common/ee4e1
fbdf4494a6b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1094. https://fastdial.net/static/styles/common/scripts/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload d014d%0d%0af2e78d58018 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /d014d%0d%0af2e78d58018/styles/common/scripts/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:58:42 GMT
Server: Apache
Location: http://fastdial.net/d014d
f2e78d58018/styles/common/scripts/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1095. https://fastdial.net/static/styles/common/scripts/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1e319%0d%0ad590fd54a58 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1e319%0d%0ad590fd54a58/common/scripts/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:58:53 GMT
Server: Apache
Location: http://fastdial.net/static/1e319
d590fd54a58/common/scripts/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1096. https://fastdial.net/static/styles/common/scripts/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d8088%0d%0add5784b6ba1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/d8088%0d%0add5784b6ba1/scripts/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/d8088
dd5784b6ba1/scripts/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1097. https://fastdial.net/static/styles/common/scripts/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d32f4%0d%0a9053dfbda4d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/d32f4%0d%0a9053dfbda4d/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/d32f4
9053dfbda4d/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1098. https://fastdial.net/static/styles/common/scripts/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3ba50%0d%0a743fdf4ef2 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/3ba50%0d%0a743fdf4ef2/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/3ba50
743fdf4ef2/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1099. https://fastdial.net/static/styles/common/scripts/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 25d21%0d%0a5baa4218747 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/25d21%0d%0a5baa4218747/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/25d21
5baa4218747/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1100. https://fastdial.net/static/styles/common/scripts/images/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload aaa02%0d%0a962e47945ae was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/images/aaa02%0d%0a962e47945ae/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:01:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/images/aaa02
962e47945ae/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1101. https://fastdial.net/static/styles/common/scripts/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1bff6%0d%0a25056107978 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1bff6%0d%0a25056107978/styles/common/scripts/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:58:44 GMT
Server: Apache
Location: http://fastdial.net/1bff6
25056107978/styles/common/scripts/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1102. https://fastdial.net/static/styles/common/scripts/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a82bf%0d%0abf64f0e29d4 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a82bf%0d%0abf64f0e29d4/common/scripts/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:59:34 GMT
Server: Apache
Location: http://fastdial.net/static/a82bf
bf64f0e29d4/common/scripts/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1103. https://fastdial.net/static/styles/common/scripts/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5c8e3%0d%0ac0c81e350c was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5c8e3%0d%0ac0c81e350c/scripts/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:59:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5c8e3
c0c81e350c/scripts/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1104. https://fastdial.net/static/styles/common/scripts/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b900a%0d%0a3d07eeb9b0e was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/b900a%0d%0a3d07eeb9b0e/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/b900a
3d07eeb9b0e/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1105. https://fastdial.net/static/styles/common/scripts/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload d2fc3%0d%0aafa6dacc755 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/d2fc3%0d%0aafa6dacc755/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/d2fc3
afa6dacc755/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1106. https://fastdial.net/static/styles/common/scripts/images/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 700b1%0d%0a9b2f9b7f78d was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/700b1%0d%0a9b2f9b7f78d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:00:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/700b1
9b2f9b7f78d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1107. https://fastdial.net/static/styles/common/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e4bbe%0d%0a732cebb4789 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e4bbe%0d%0a732cebb4789/styles/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:05:46 GMT
Server: Apache
Location: http://fastdial.net/e4bbe
732cebb4789/styles/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1108. https://fastdial.net/static/styles/common/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload bce67%0d%0a3d3c4d11773 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/bce67%0d%0a3d3c4d11773/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:06:48 GMT
Server: Apache
Location: http://fastdial.net/static/bce67
3d3c4d11773/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1109. https://fastdial.net/static/styles/common/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 25682%0d%0a0ed0a9601f8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/25682%0d%0a0ed0a9601f8/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:07:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/25682
0ed0a9601f8/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1110. https://fastdial.net/static/styles/common/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a7250%0d%0abe05980c0bf was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/a7250%0d%0abe05980c0bf/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:07:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/a7250
be05980c0bf/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1111. https://fastdial.net/static/styles/common/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 802cb%0d%0a8590a02d515 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/802cb%0d%0a8590a02d515/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:07:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/802cb
8590a02d515/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1112. https://fastdial.net/static/styles/common/scripts/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload dfe0c%0d%0a4c4d50b5ef1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /dfe0c%0d%0a4c4d50b5ef1/styles/common/scripts/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:55:22 GMT
Server: Apache
Location: http://fastdial.net/dfe0c
4c4d50b5ef1/styles/common/scripts/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1113. https://fastdial.net/static/styles/common/scripts/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c80c1%0d%0abcef89bd82 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c80c1%0d%0abcef89bd82/common/scripts/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:55:36 GMT
Server: Apache
Location: http://fastdial.net/static/c80c1
bcef89bd82/common/scripts/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1114. https://fastdial.net/static/styles/common/scripts/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5a2ec%0d%0a6319b333a89 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5a2ec%0d%0a6319b333a89/scripts/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:56:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5a2ec
6319b333a89/scripts/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1115. https://fastdial.net/static/styles/common/scripts/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f3a54%0d%0ad28ca0aa6ff was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/f3a54%0d%0ad28ca0aa6ff/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:57:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/f3a54
d28ca0aa6ff/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1116. https://fastdial.net/static/styles/common/scripts/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e6b15%0d%0a9d2ca6157c7 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/e6b15%0d%0a9d2ca6157c7/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:57:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/e6b15
9d2ca6157c7/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1117. https://fastdial.net/static/styles/common/scripts/images/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 496ef%0d%0a2664a7797e3 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/496ef%0d%0a2664a7797e3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:57:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/496ef
2664a7797e3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1118. https://fastdial.net/static/styles/common/scripts/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 89fa1%0d%0af524d16b1b0 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /89fa1%0d%0af524d16b1b0/styles/common/scripts/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:47:16 GMT
Server: Apache
Location: http://fastdial.net/89fa1
f524d16b1b0/styles/common/scripts/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1119. https://fastdial.net/static/styles/common/scripts/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e735d%0d%0a80aacfd6fca was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e735d%0d%0a80aacfd6fca/common/scripts/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:47:34 GMT
Server: Apache
Location: http://fastdial.net/static/e735d
80aacfd6fca/common/scripts/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1120. https://fastdial.net/static/styles/common/scripts/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f9887%0d%0a0f4fe5026de was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f9887%0d%0a0f4fe5026de/scripts/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:48:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f9887
0f4fe5026de/scripts/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1121. https://fastdial.net/static/styles/common/scripts/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 704a9%0d%0a576061d3823 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/704a9%0d%0a576061d3823/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:49:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/704a9
576061d3823/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1122. https://fastdial.net/static/styles/common/scripts/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 875ae%0d%0a3ae22d42f7c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/875ae%0d%0a3ae22d42f7c/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:49:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/875ae
3ae22d42f7c/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1123. https://fastdial.net/static/styles/common/scripts/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b1113%0d%0a823de70be24 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/b1113%0d%0a823de70be24/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:49:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/b1113
823de70be24/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1124. https://fastdial.net/static/styles/common/scripts/images/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload b9c90%0d%0af1abccc80f2 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/styles/b9c90%0d%0af1abccc80f2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:49:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/styles/b9c90
f1abccc80f2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1125. https://fastdial.net/static/styles/common/scripts/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 30abc%0d%0a7d213e9ae7c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /30abc%0d%0a7d213e9ae7c/styles/common/scripts/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:50:41 GMT
Server: Apache
Location: http://fastdial.net/30abc
7d213e9ae7c/styles/common/scripts/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1126. https://fastdial.net/static/styles/common/scripts/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5a2db%0d%0ac333ba0d804 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5a2db%0d%0ac333ba0d804/common/scripts/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:51:23 GMT
Server: Apache
Location: http://fastdial.net/static/5a2db
c333ba0d804/common/scripts/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1127. https://fastdial.net/static/styles/common/scripts/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5c33f%0d%0aa732c0b2fc1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5c33f%0d%0aa732c0b2fc1/scripts/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:51:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5c33f
a732c0b2fc1/scripts/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1128. https://fastdial.net/static/styles/common/scripts/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4d20d%0d%0ad2e2ec3cd16 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/4d20d%0d%0ad2e2ec3cd16/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:51:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/4d20d
d2e2ec3cd16/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1129. https://fastdial.net/static/styles/common/scripts/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 299d8%0d%0ab71227e483f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/299d8%0d%0ab71227e483f/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:52:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/299d8
b71227e483f/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1130. https://fastdial.net/static/styles/common/scripts/images/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 150da%0d%0aa88cbed82ad was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/images/150da%0d%0aa88cbed82ad/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:52:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/images/150da
a88cbed82ad/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1131. https://fastdial.net/static/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c7d6e%0d%0a1f1e5f461c0 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c7d6e%0d%0a1f1e5f461c0/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:03:13 GMT
Server: Apache
Location: http://fastdial.net/c7d6e
1f1e5f461c0/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1132. https://fastdial.net/static/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e8488%0d%0a24390dc4931 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e8488%0d%0a24390dc4931/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:13 GMT
Server: Apache
Location: http://fastdial.net/static/e8488
24390dc4931/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1133. https://fastdial.net/static/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 863f2%0d%0a2cb42273903 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/863f2%0d%0a2cb42273903/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/863f2
2cb42273903/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1134. https://fastdial.net/static/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2c3ec%0d%0abd2f54f4b01 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/2c3ec%0d%0abd2f54f4b01/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/2c3ec
bd2f54f4b01/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1135. https://fastdial.net/static/styles/common/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 715e5%0d%0aeea3508ee0 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /715e5%0d%0aeea3508ee0/styles/common/scripts/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:58 GMT
Server: Apache
Location: http://fastdial.net/715e5
eea3508ee0/styles/common/scripts/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1136. https://fastdial.net/static/styles/common/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3e6f5%0d%0af66013af7e0 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3e6f5%0d%0af66013af7e0/common/scripts/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:13 GMT
Server: Apache
Location: http://fastdial.net/static/3e6f5
f66013af7e0/common/scripts/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1137. https://fastdial.net/static/styles/common/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 808db%0d%0a6d4d4034d4 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/808db%0d%0a6d4d4034d4/scripts/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/808db
6d4d4034d4/scripts/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1138. https://fastdial.net/static/styles/common/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 92bd0%0d%0a984214901ef was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/92bd0%0d%0a984214901ef/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/92bd0
984214901ef/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1139. https://fastdial.net/static/styles/common/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2da6a%0d%0a6f6db83d54d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/2da6a%0d%0a6f6db83d54d/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/2da6a
6f6db83d54d/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1140. https://fastdial.net/static/styles/common/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 83f6c%0d%0ab2a677ce7bf was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/scripts/83f6c%0d%0ab2a677ce7bf/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:40:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/scripts/83f6c
b2a677ce7bf/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1141. https://fastdial.net/static/styles/common/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d932b%0d%0af602341f888 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/scripts/images/d932b%0d%0af602341f888/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:40:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/scripts/images/d932b
f602341f888/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1142. https://fastdial.net/static/styles/common/scripts/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e25e0%0d%0a63de210e786 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e25e0%0d%0a63de210e786/styles/common/scripts/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:40:52 GMT
Server: Apache
Location: http://fastdial.net/e25e0
63de210e786/styles/common/scripts/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1143. https://fastdial.net/static/styles/common/scripts/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d137c%0d%0a3c167f143f4 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d137c%0d%0a3c167f143f4/common/scripts/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:41:08 GMT
Server: Apache
Location: http://fastdial.net/static/d137c
3c167f143f4/common/scripts/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1144. https://fastdial.net/static/styles/common/scripts/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 133c2%0d%0a27a486ed1af was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/133c2%0d%0a27a486ed1af/scripts/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:41:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/133c2
27a486ed1af/scripts/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1145. https://fastdial.net/static/styles/common/scripts/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8d540%0d%0a0a73fe6e07 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/8d540%0d%0a0a73fe6e07/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:41:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/8d540
0a73fe6e07/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1146. https://fastdial.net/static/styles/common/scripts/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3cce7%0d%0a51de120fc58 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/3cce7%0d%0a51de120fc58/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:41:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/3cce7
51de120fc58/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1147. https://fastdial.net/static/styles/common/scripts/scripts/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1c173%0d%0a92f05741c96 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/scripts/1c173%0d%0a92f05741c96/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:42:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/scripts/1c173
92f05741c96/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1148. https://fastdial.net/static/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e6263%0d%0a76769f7f0cc was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e6263%0d%0a76769f7f0cc/styles/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:03:15 GMT
Server: Apache
Location: http://fastdial.net/e6263
76769f7f0cc/styles/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1149. https://fastdial.net/static/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f9ba9%0d%0ad13006e10e3 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f9ba9%0d%0ad13006e10e3/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:20 GMT
Server: Apache
Location: http://fastdial.net/static/f9ba9
d13006e10e3/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1150. https://fastdial.net/static/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 300bd%0d%0a474095d6b6b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/300bd%0d%0a474095d6b6b/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/300bd
474095d6b6b/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1151. https://fastdial.net/static/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload aa40a%0d%0a071d868d647 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/aa40a%0d%0a071d868d647/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/aa40a
071d868d647/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1152. https://fastdial.net/static/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 85bde%0d%0aa9432f0b3c5 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/85bde%0d%0aa9432f0b3c5/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:05:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/85bde
a9432f0b3c5/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1153. https://fastdial.net/static/styles/common/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b16f7%0d%0a834ae50c16c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b16f7%0d%0a834ae50c16c/styles/common/scripts/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:31 GMT
Server: Apache
Location: http://fastdial.net/b16f7
834ae50c16c/styles/common/scripts/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1154. https://fastdial.net/static/styles/common/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2239c%0d%0a0b431228320 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2239c%0d%0a0b431228320/common/scripts/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:46 GMT
Server: Apache
Location: http://fastdial.net/static/2239c
0b431228320/common/scripts/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1155. https://fastdial.net/static/styles/common/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d5f7b%0d%0abadd12027cd was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/d5f7b%0d%0abadd12027cd/scripts/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/d5f7b
badd12027cd/scripts/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1156. https://fastdial.net/static/styles/common/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d2bfa%0d%0aedaf04db581 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/d2bfa%0d%0aedaf04db581/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/d2bfa
edaf04db581/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1157. https://fastdial.net/static/styles/common/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5e651%0d%0ae9c9e386eee was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/5e651%0d%0ae9c9e386eee/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/5e651
e9c9e386eee/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1158. https://fastdial.net/static/styles/common/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 2dcbc%0d%0a07de7f39d14 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/scripts/2dcbc%0d%0a07de7f39d14/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/scripts/2dcbc
07de7f39d14/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1159. https://fastdial.net/static/styles/common/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 502c2%0d%0ae3237f7a286 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /502c2%0d%0ae3237f7a286/styles/common/scripts/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:03 GMT
Server: Apache
Location: http://fastdial.net/502c2
e3237f7a286/styles/common/scripts/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1160. https://fastdial.net/static/styles/common/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 291c4%0d%0a589b3b552b5 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/291c4%0d%0a589b3b552b5/common/scripts/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:19 GMT
Server: Apache
Location: http://fastdial.net/static/291c4
589b3b552b5/common/scripts/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1161. https://fastdial.net/static/styles/common/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a2f09%0d%0a970f090f965 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a2f09%0d%0a970f090f965/scripts/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a2f09
970f090f965/scripts/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1162. https://fastdial.net/static/styles/common/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9f09e%0d%0a995ba37ae2e was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/9f09e%0d%0a995ba37ae2e/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/9f09e
995ba37ae2e/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1163. https://fastdial.net/static/styles/common/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 206ba%0d%0ad8cf7561c8a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/206ba%0d%0ad8cf7561c8a/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/206ba
d8cf7561c8a/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1164. https://fastdial.net/static/styles/common/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a456e%0d%0a625c23ffa05 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/scripts/a456e%0d%0a625c23ffa05/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/scripts/a456e
625c23ffa05/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1165. https://fastdial.net/static/styles/common/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 58590%0d%0a6e7a82db1ff was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/scripts/styles/58590%0d%0a6e7a82db1ff/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/scripts/styles/58590
6e7a82db1ff/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1166. https://fastdial.net/static/styles/common/scripts/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fe723%0d%0abebadc2563c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fe723%0d%0abebadc2563c/styles/common/scripts/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:19 GMT
Server: Apache
Location: http://fastdial.net/fe723
bebadc2563c/styles/common/scripts/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1167. https://fastdial.net/static/styles/common/scripts/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1f77e%0d%0a2dc4d17f5e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1f77e%0d%0a2dc4d17f5e/common/scripts/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:40 GMT
Server: Apache
Location: http://fastdial.net/static/1f77e
2dc4d17f5e/common/scripts/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1168. https://fastdial.net/static/styles/common/scripts/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1dce8%0d%0a19de3650d61 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1dce8%0d%0a19de3650d61/scripts/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1dce8
19de3650d61/scripts/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1169. https://fastdial.net/static/styles/common/scripts/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 540b2%0d%0ad152cb29954 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/540b2%0d%0ad152cb29954/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/540b2
d152cb29954/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1170. https://fastdial.net/static/styles/common/scripts/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload cd5d7%0d%0a776f21d0a42 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/cd5d7%0d%0a776f21d0a42/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/cd5d7
776f21d0a42/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1171. https://fastdial.net/static/styles/common/scripts/scripts/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload cbb0a%0d%0a5969bf0d025 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/scripts/cbb0a%0d%0a5969bf0d025/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/scripts/cbb0a
5969bf0d025/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1172. https://fastdial.net/static/styles/common/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 79286%0d%0a74a8eb74946 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /79286%0d%0a74a8eb74946/styles/common/scripts/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:33:33 GMT
Server: Apache
Location: http://fastdial.net/79286
74a8eb74946/styles/common/scripts/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1173. https://fastdial.net/static/styles/common/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3d5af%0d%0a092edf72a4 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3d5af%0d%0a092edf72a4/common/scripts/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:33:51 GMT
Server: Apache
Location: http://fastdial.net/static/3d5af
092edf72a4/common/scripts/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1174. https://fastdial.net/static/styles/common/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 288fa%0d%0adb7319a25bc was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/288fa%0d%0adb7319a25bc/scripts/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:34:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/288fa
db7319a25bc/scripts/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1175. https://fastdial.net/static/styles/common/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b8120%0d%0a89fc47631b7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/b8120%0d%0a89fc47631b7/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:34:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/b8120
89fc47631b7/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1176. https://fastdial.net/static/styles/common/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 96656%0d%0abefc3373b78 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/96656%0d%0abefc3373b78/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:34:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/96656
befc3373b78/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1177. https://fastdial.net/static/styles/common/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b4874%0d%0a780d0db2e38 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/b4874%0d%0a780d0db2e38/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:34:49 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/b4874
780d0db2e38/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1178. https://fastdial.net/static/styles/common/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 5daa5%0d%0a690622c5068 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/common/5daa5%0d%0a690622c5068/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/common/5daa5
690622c5068/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1179. https://fastdial.net/static/styles/common/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 98a6a%0d%0a71fdb9b9b8 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/common/images/98a6a%0d%0a71fdb9b9b8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/common/images/98a6a
71fdb9b9b8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1180. https://fastdial.net/static/styles/common/scripts/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload cb93f%0d%0ae517a4ca6d6 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /cb93f%0d%0ae517a4ca6d6/styles/common/scripts/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:34:20 GMT
Server: Apache
Location: http://fastdial.net/cb93f
e517a4ca6d6/styles/common/scripts/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1181. https://fastdial.net/static/styles/common/scripts/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 52eb3%0d%0aa4acd3ec3e4 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/52eb3%0d%0aa4acd3ec3e4/common/scripts/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:34:34 GMT
Server: Apache
Location: http://fastdial.net/static/52eb3
a4acd3ec3e4/common/scripts/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1182. https://fastdial.net/static/styles/common/scripts/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f856c%0d%0afd1864a3404 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f856c%0d%0afd1864a3404/scripts/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:34:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f856c
fd1864a3404/scripts/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1183. https://fastdial.net/static/styles/common/scripts/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 86014%0d%0af1374beb79c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/86014%0d%0af1374beb79c/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/86014
f1374beb79c/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1184. https://fastdial.net/static/styles/common/scripts/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6eefa%0d%0a042651f41f3 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/6eefa%0d%0a042651f41f3/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/6eefa
042651f41f3/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1185. https://fastdial.net/static/styles/common/scripts/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 4d3a3%0d%0ad5c86f6ca70 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/4d3a3%0d%0ad5c86f6ca70/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/4d3a3
d5c86f6ca70/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1186. https://fastdial.net/static/styles/common/scripts/styles/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d72b1%0d%0aad5a4400a2 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/common/d72b1%0d%0aad5a4400a2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/common/d72b1
ad5a4400a2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1187. https://fastdial.net/static/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload bc810%0d%0a2f4500d49fa was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /bc810%0d%0a2f4500d49fa/styles/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:02:23 GMT
Server: Apache
Location: http://fastdial.net/bc810
2f4500d49fa/styles/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1188. https://fastdial.net/static/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b1762%0d%0a52efac30201 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b1762%0d%0a52efac30201/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:02:35 GMT
Server: Apache
Location: http://fastdial.net/static/b1762
52efac30201/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1189. https://fastdial.net/static/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 88ad6%0d%0abc215e97edc was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/88ad6%0d%0abc215e97edc/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:02:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/88ad6
bc215e97edc/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1190. https://fastdial.net/static/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 32c0c%0d%0abe026b00f84 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/32c0c%0d%0abe026b00f84/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:03:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/32c0c
be026b00f84/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1191. https://fastdial.net/static/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload bb80f%0d%0a069dc59599e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/bb80f%0d%0a069dc59599e/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/bb80f
069dc59599e/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1192. https://fastdial.net/static/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 3141e%0d%0aae4b347501b was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/3141e%0d%0aae4b347501b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/3141e
ae4b347501b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1193. https://fastdial.net/static/styles/common/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 51377%0d%0a77c1f91ba59 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /51377%0d%0a77c1f91ba59/styles/common/scripts/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:31:52 GMT
Server: Apache
Location: http://fastdial.net/51377
77c1f91ba59/styles/common/scripts/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1194. https://fastdial.net/static/styles/common/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 972eb%0d%0a12cb3534f5b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/972eb%0d%0a12cb3534f5b/common/scripts/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:09 GMT
Server: Apache
Location: http://fastdial.net/static/972eb
12cb3534f5b/common/scripts/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1195. https://fastdial.net/static/styles/common/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 51279%0d%0a037a55d95e6 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/51279%0d%0a037a55d95e6/scripts/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/51279
037a55d95e6/scripts/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1196. https://fastdial.net/static/styles/common/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 91e1f%0d%0afc37beda1e8 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/91e1f%0d%0afc37beda1e8/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/91e1f
fc37beda1e8/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1197. https://fastdial.net/static/styles/common/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 10f9a%0d%0a5b756a65fc1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/10f9a%0d%0a5b756a65fc1/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/10f9a
5b756a65fc1/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1198. https://fastdial.net/static/styles/common/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7aec0%0d%0a9612888a59d was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/7aec0%0d%0a9612888a59d/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:33:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/7aec0
9612888a59d/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1199. https://fastdial.net/static/styles/common/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload dcd0c%0d%0a1ee9582d546 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/common/dcd0c%0d%0a1ee9582d546/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:33:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/common/dcd0c
1ee9582d546/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1200. https://fastdial.net/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload cf316%0d%0a524e68a927e was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /cf316%0d%0a524e68a927e/styles/common/scripts/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:31:41 GMT
Server: Apache
Location: http://fastdial.net/cf316
524e68a927e/styles/common/scripts/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1201. https://fastdial.net/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8b413%0d%0a13f826f7165 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8b413%0d%0a13f826f7165/common/scripts/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:31:55 GMT
Server: Apache
Location: http://fastdial.net/static/8b413
13f826f7165/common/scripts/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1202. https://fastdial.net/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 31f07%0d%0a02f7a538ff8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/31f07%0d%0a02f7a538ff8/scripts/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/31f07
02f7a538ff8/scripts/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1203. https://fastdial.net/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b7f6a%0d%0aea0e3657e1b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/b7f6a%0d%0aea0e3657e1b/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/b7f6a
ea0e3657e1b/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1204. https://fastdial.net/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload bd0d7%0d%0a45aa11edc2a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/bd0d7%0d%0a45aa11edc2a/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/bd0d7
45aa11edc2a/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1205. https://fastdial.net/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 8307f%0d%0aa5396213b24 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/8307f%0d%0aa5396213b24/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/8307f
a5396213b24/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1206. https://fastdial.net/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload cf7ce%0d%0a62cbde1d19f was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/common/cf7ce%0d%0a62cbde1d19f/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:33:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/common/cf7ce
62cbde1d19f/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1207. https://fastdial.net/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 3b3ba%0d%0aa462bbf2475 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/common/styles/3b3ba%0d%0aa462bbf2475/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:33:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/common/styles/3b3ba
a462bbf2475/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1208. https://fastdial.net/static/styles/common/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e0d59%0d%0a1d1765ab35a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e0d59%0d%0a1d1765ab35a/styles/common/scripts/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:31:49 GMT
Server: Apache
Location: http://fastdial.net/e0d59
1d1765ab35a/styles/common/scripts/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1209. https://fastdial.net/static/styles/common/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b64be%0d%0ae18f9ae812f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b64be%0d%0ae18f9ae812f/common/scripts/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:03 GMT
Server: Apache
Location: http://fastdial.net/static/b64be
e18f9ae812f/common/scripts/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1210. https://fastdial.net/static/styles/common/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 3c2cd%0d%0aa72639dde30 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/3c2cd%0d%0aa72639dde30/scripts/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/3c2cd
a72639dde30/scripts/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1211. https://fastdial.net/static/styles/common/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload faccb%0d%0aa3a96026cf7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/faccb%0d%0aa3a96026cf7/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/faccb
a3a96026cf7/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1212. https://fastdial.net/static/styles/common/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2d07f%0d%0ad3e4d8626d3 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/2d07f%0d%0ad3e4d8626d3/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/2d07f
d3e4d8626d3/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1213. https://fastdial.net/static/styles/common/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 29b0d%0d%0ae4cb700644c was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/29b0d%0d%0ae4cb700644c/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:33:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/29b0d
e4cb700644c/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1214. https://fastdial.net/static/styles/common/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d37da%0d%0ab5d613226f2 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/common/d37da%0d%0ab5d613226f2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:33:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/common/d37da
b5d613226f2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1215. https://fastdial.net/static/styles/common/scripts/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e2049%0d%0af47967a6aea was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e2049%0d%0af47967a6aea/styles/common/scripts/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:36:34 GMT
Server: Apache
Location: http://fastdial.net/e2049
f47967a6aea/styles/common/scripts/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1216. https://fastdial.net/static/styles/common/scripts/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 50932%0d%0a44d78236c90 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/50932%0d%0a44d78236c90/common/scripts/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:36:50 GMT
Server: Apache
Location: http://fastdial.net/static/50932
44d78236c90/common/scripts/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1217. https://fastdial.net/static/styles/common/scripts/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 33d21%0d%0a4a0e3b83653 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/33d21%0d%0a4a0e3b83653/scripts/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:37:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/33d21
4a0e3b83653/scripts/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1218. https://fastdial.net/static/styles/common/scripts/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c1597%0d%0a2e44e636bb6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/c1597%0d%0a2e44e636bb6/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:37:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/c1597
2e44e636bb6/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1219. https://fastdial.net/static/styles/common/scripts/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2fe9e%0d%0af72385beb4a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/2fe9e%0d%0af72385beb4a/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:37:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/2fe9e
f72385beb4a/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1220. https://fastdial.net/static/styles/common/scripts/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 59148%0d%0af9eb7532bcf was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/59148%0d%0af9eb7532bcf/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:37:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/59148
f9eb7532bcf/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1221. https://fastdial.net/static/styles/common/scripts/styles/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload f493b%0d%0a2b0bc1c5d02 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/images/f493b%0d%0a2b0bc1c5d02/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/images/f493b
2b0bc1c5d02/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1222. https://fastdial.net/static/styles/common/scripts/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload d938c%0d%0a85de4a5b06f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /d938c%0d%0a85de4a5b06f/styles/common/scripts/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:37:46 GMT
Server: Apache
Location: http://fastdial.net/d938c
85de4a5b06f/styles/common/scripts/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1223. https://fastdial.net/static/styles/common/scripts/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6b538%0d%0af6e4a0da00c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6b538%0d%0af6e4a0da00c/common/scripts/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:01 GMT
Server: Apache
Location: http://fastdial.net/static/6b538
f6e4a0da00c/common/scripts/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1224. https://fastdial.net/static/styles/common/scripts/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 863ef%0d%0a4e0e2da87ac was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/863ef%0d%0a4e0e2da87ac/scripts/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/863ef
4e0e2da87ac/scripts/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1225. https://fastdial.net/static/styles/common/scripts/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 27106%0d%0a96b7a626053 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/27106%0d%0a96b7a626053/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:38:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/27106
96b7a626053/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1226. https://fastdial.net/static/styles/common/scripts/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ee1bc%0d%0a370d5594c95 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/ee1bc%0d%0a370d5594c95/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/ee1bc
370d5594c95/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1227. https://fastdial.net/static/styles/common/scripts/styles/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 571c7%0d%0a7c2cab84181 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/571c7%0d%0a7c2cab84181/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:39:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/571c7
7c2cab84181/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1228. https://fastdial.net/static/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 23968%0d%0a83132bf6adb was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /23968%0d%0a83132bf6adb/styles/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:02:54 GMT
Server: Apache
Location: http://fastdial.net/23968
83132bf6adb/styles/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1229. https://fastdial.net/static/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 72c86%0d%0ad021f30b111 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/72c86%0d%0ad021f30b111/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:03:09 GMT
Server: Apache
Location: http://fastdial.net/static/72c86
d021f30b111/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1230. https://fastdial.net/static/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d6565%0d%0ad38dfe3a98 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/d6565%0d%0ad38dfe3a98/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/d6565
d38dfe3a98/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1231. https://fastdial.net/static/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 3a36e%0d%0ac7e7142d636 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/3a36e%0d%0ac7e7142d636/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/3a36e
c7e7142d636/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1232. https://fastdial.net/static/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 29e6f%0d%0aa019900f9d8 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/29e6f%0d%0aa019900f9d8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:04:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/29e6f
a019900f9d8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1233. https://fastdial.net/static/styles/common/scripts/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 94269%0d%0aa70fc655085 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /94269%0d%0aa70fc655085/styles/common/scripts/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:29 GMT
Server: Apache
Location: http://fastdial.net/94269
a70fc655085/styles/common/scripts/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1234. https://fastdial.net/static/styles/common/scripts/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload fc7bf%0d%0a78b48e3c2aa was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/fc7bf%0d%0a78b48e3c2aa/common/scripts/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:40 GMT
Server: Apache
Location: http://fastdial.net/static/fc7bf
78b48e3c2aa/common/scripts/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1235. https://fastdial.net/static/styles/common/scripts/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 7db88%0d%0aebad9b088c was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/7db88%0d%0aebad9b088c/scripts/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/7db88
ebad9b088c/scripts/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1236. https://fastdial.net/static/styles/common/scripts/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9f275%0d%0a3a01c20ad78 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/9f275%0d%0a3a01c20ad78/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:36:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/9f275
3a01c20ad78/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1237. https://fastdial.net/static/styles/common/scripts/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 81ccc%0d%0a1d5b5eadb71 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/81ccc%0d%0a1d5b5eadb71/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:36:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/81ccc
1d5b5eadb71/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1238. https://fastdial.net/static/styles/common/scripts/styles/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b24bd%0d%0a9d596b9697a was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/b24bd%0d%0a9d596b9697a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:36:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/b24bd
9d596b9697a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1239. https://fastdial.net/static/styles/common/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 54423%0d%0a317496c3924 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /54423%0d%0a317496c3924/styles/common/scripts/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:34:56 GMT
Server: Apache
Location: http://fastdial.net/54423
317496c3924/styles/common/scripts/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1240. https://fastdial.net/static/styles/common/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 22712%0d%0a7bd5ef17b87 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/22712%0d%0a7bd5ef17b87/common/scripts/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:11 GMT
Server: Apache
Location: http://fastdial.net/static/22712
7bd5ef17b87/common/scripts/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1241. https://fastdial.net/static/styles/common/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b3641%0d%0a6faf7311e38 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b3641%0d%0a6faf7311e38/scripts/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b3641
6faf7311e38/scripts/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1242. https://fastdial.net/static/styles/common/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 598d9%0d%0a5a62162e488 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/598d9%0d%0a5a62162e488/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/598d9
5a62162e488/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1243. https://fastdial.net/static/styles/common/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ebe3e%0d%0a828b00db7c2 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/ebe3e%0d%0a828b00db7c2/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:36:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/ebe3e
828b00db7c2/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1244. https://fastdial.net/static/styles/common/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d8890%0d%0a8e3ff026df7 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/d8890%0d%0a8e3ff026df7/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:36:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/d8890
8e3ff026df7/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1245. https://fastdial.net/static/styles/common/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 76c35%0d%0aae0575cb40c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/styles/76c35%0d%0aae0575cb40c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:36:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/styles/76c35
ae0575cb40c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1246. https://fastdial.net/static/styles/common/scripts/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8d7c8%0d%0a74270aaf865 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /8d7c8%0d%0a74270aaf865/styles/common/scripts/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:34:57 GMT
Server: Apache
Location: http://fastdial.net/8d7c8
74270aaf865/styles/common/scripts/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1247. https://fastdial.net/static/styles/common/scripts/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 737b8%0d%0a2ea68c36f7f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/737b8%0d%0a2ea68c36f7f/common/scripts/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:16 GMT
Server: Apache
Location: http://fastdial.net/static/737b8
2ea68c36f7f/common/scripts/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1248. https://fastdial.net/static/styles/common/scripts/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e5c14%0d%0a350866670f4 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/e5c14%0d%0a350866670f4/scripts/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/e5c14
350866670f4/scripts/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1249. https://fastdial.net/static/styles/common/scripts/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 56adc%0d%0ac72797ff7e1 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/56adc%0d%0ac72797ff7e1/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:35:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/56adc
c72797ff7e1/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1250. https://fastdial.net/static/styles/common/scripts/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4e252%0d%0ac2d97b632ee was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/4e252%0d%0ac2d97b632ee/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:36:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/4e252
c2d97b632ee/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1251. https://fastdial.net/static/styles/common/scripts/styles/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 57a37%0d%0abda7cce6e66 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/scripts/styles/57a37%0d%0abda7cce6e66/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:36:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/scripts/styles/57a37
bda7cce6e66/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1252. https://fastdial.net/static/styles/common/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 628dd%0d%0ad9eacd5aa5f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /628dd%0d%0ad9eacd5aa5f/styles/common/styles/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:11 GMT
Server: Apache
Location: http://fastdial.net/628dd
d9eacd5aa5f/styles/common/styles/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1253. https://fastdial.net/static/styles/common/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload df48c%0d%0a882c7f7e555 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/df48c%0d%0a882c7f7e555/common/styles/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:26 GMT
Server: Apache
Location: http://fastdial.net/static/df48c
882c7f7e555/common/styles/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1254. https://fastdial.net/static/styles/common/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b373c%0d%0af6bb3e62a6a was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b373c%0d%0af6bb3e62a6a/styles/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b373c
f6bb3e62a6a/styles/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1255. https://fastdial.net/static/styles/common/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 53ffd%0d%0ae725cf2d6b8 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/53ffd%0d%0ae725cf2d6b8/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/53ffd
e725cf2d6b8/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1256. https://fastdial.net/static/styles/common/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 81c80%0d%0a1e4ce63b520 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/81c80%0d%0a1e4ce63b520/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/81c80
1e4ce63b520/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1257. https://fastdial.net/static/styles/common/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d3730%0d%0a50f42876503 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/d3730%0d%0a50f42876503/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/d3730
50f42876503/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1258. https://fastdial.net/static/styles/common/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload a9537%0d%0a6f32420beb9 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/a9537%0d%0a6f32420beb9/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/a9537
6f32420beb9/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1259. https://fastdial.net/static/styles/common/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 2a7c9%0d%0a7ad34cec25e was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/common/2a7c9%0d%0a7ad34cec25e/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/common/2a7c9
7ad34cec25e/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1260. https://fastdial.net/static/styles/common/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 9 is copied into the Location response header. The payload 6e2b5%0d%0af82133cfada was submitted in the REST URL parameter 9. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/common/images/6e2b5%0d%0af82133cfada/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/common/images/6e2b5
f82133cfada/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1261. https://fastdial.net/static/styles/common/styles/common/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ec932%0d%0ae19b0a9cf47 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ec932%0d%0ae19b0a9cf47/styles/common/styles/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:50 GMT
Server: Apache
Location: http://fastdial.net/ec932
e19b0a9cf47/styles/common/styles/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1262. https://fastdial.net/static/styles/common/styles/common/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b2104%0d%0a5f9ba5753e7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b2104%0d%0a5f9ba5753e7/common/styles/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:26 GMT
Server: Apache
Location: http://fastdial.net/static/b2104
5f9ba5753e7/common/styles/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1263. https://fastdial.net/static/styles/common/styles/common/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c0092%0d%0ae8526d31fad was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/c0092%0d%0ae8526d31fad/styles/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/c0092
e8526d31fad/styles/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1264. https://fastdial.net/static/styles/common/styles/common/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5b1a3%0d%0abb35e495571 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/5b1a3%0d%0abb35e495571/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/5b1a3
bb35e495571/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1265. https://fastdial.net/static/styles/common/styles/common/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a6e48%0d%0acee7830ebe was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/a6e48%0d%0acee7830ebe/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/a6e48
cee7830ebe/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1266. https://fastdial.net/static/styles/common/styles/common/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 98c03%0d%0aa53141e770f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/98c03%0d%0aa53141e770f/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/98c03
a53141e770f/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1267. https://fastdial.net/static/styles/common/styles/common/images/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload a1ab2%0d%0ab10b784022e was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/a1ab2%0d%0ab10b784022e/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/a1ab2
b10b784022e/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1268. https://fastdial.net/static/styles/common/styles/common/images/common/images/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload a29c2%0d%0af5fe56ae02d was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/common/a29c2%0d%0af5fe56ae02d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/common/a29c2
f5fe56ae02d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1269. https://fastdial.net/static/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e1fa7%0d%0afa0287c8b52 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e1fa7%0d%0afa0287c8b52/styles/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:55:07 GMT
Server: Apache
Location: http://fastdial.net/e1fa7
fa0287c8b52/styles/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1270. https://fastdial.net/static/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b0986%0d%0a3901c4a40a4 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b0986%0d%0a3901c4a40a4/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:55:31 GMT
Server: Apache
Location: http://fastdial.net/static/b0986
3901c4a40a4/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1271. https://fastdial.net/static/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b7dd2%0d%0a752c2a427b1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b7dd2%0d%0a752c2a427b1/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b7dd2
752c2a427b1/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1272. https://fastdial.net/static/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload ad4e3%0d%0aa5f8676321d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/ad4e3%0d%0aa5f8676321d/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/ad4e3
a5f8676321d/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1273. https://fastdial.net/static/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a74da%0d%0ac228d29f4f6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/a74da%0d%0ac228d29f4f6/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/a74da
c228d29f4f6/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1274. https://fastdial.net/static/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 76f16%0d%0a05f380281ab was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/76f16%0d%0a05f380281ab/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/76f16
05f380281ab/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1275. https://fastdial.net/static/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 301b3%0d%0ae9720c1f63f was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/301b3%0d%0ae9720c1f63f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:57:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/301b3
e9720c1f63f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1276. https://fastdial.net/static/styles/common/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ffc98%0d%0a0e8920ebf86 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ffc98%0d%0a0e8920ebf86/styles/common/styles/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:04:26 GMT
Server: Apache
Location: http://fastdial.net/ffc98
0e8920ebf86/styles/common/styles/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1277. https://fastdial.net/static/styles/common/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 82483%0d%0a1ade6a9160 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/82483%0d%0a1ade6a9160/common/styles/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:04:46 GMT
Server: Apache
Location: http://fastdial.net/static/82483
1ade6a9160/common/styles/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1278. https://fastdial.net/static/styles/common/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 663fe%0d%0ab94ac12e5dc was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/663fe%0d%0ab94ac12e5dc/styles/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/663fe
b94ac12e5dc/styles/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1279. https://fastdial.net/static/styles/common/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7bcfd%0d%0a2c19d79a3c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/7bcfd%0d%0a2c19d79a3c/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/7bcfd
2c19d79a3c/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1280. https://fastdial.net/static/styles/common/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2de96%0d%0ae2687830f4f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/2de96%0d%0ae2687830f4f/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/2de96
e2687830f4f/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1281. https://fastdial.net/static/styles/common/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 825f1%0d%0a349caaefc99 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/825f1%0d%0a349caaefc99/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/825f1
349caaefc99/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1282. https://fastdial.net/static/styles/common/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d569f%0d%0a7b5b7a29df0 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/d569f%0d%0a7b5b7a29df0/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:06:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/d569f
7b5b7a29df0/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1283. https://fastdial.net/static/styles/common/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload c3a01%0d%0ac0f53b163ee was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/common/c3a01%0d%0ac0f53b163ee/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/common/c3a01
c0f53b163ee/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1284. https://fastdial.net/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 248af%0d%0a372dd690c4b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /248af%0d%0a372dd690c4b/styles/common/styles/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:08 GMT
Server: Apache
Location: http://fastdial.net/248af
372dd690c4b/styles/common/styles/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1285. https://fastdial.net/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload df309%0d%0a5de96b309a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/df309%0d%0a5de96b309a/common/styles/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:23 GMT
Server: Apache
Location: http://fastdial.net/static/df309
5de96b309a/common/styles/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1286. https://fastdial.net/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5e6a8%0d%0a2bafed6bfaf was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5e6a8%0d%0a2bafed6bfaf/styles/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5e6a8
2bafed6bfaf/styles/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1287. https://fastdial.net/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5bc5a%0d%0a028f80f94db was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/5bc5a%0d%0a028f80f94db/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/5bc5a
028f80f94db/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1288. https://fastdial.net/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e68cb%0d%0ad8698e01ba5 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/e68cb%0d%0ad8698e01ba5/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:04:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/e68cb
d8698e01ba5/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1289. https://fastdial.net/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d52b3%0d%0adbec46d9975 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/d52b3%0d%0adbec46d9975/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:04:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/d52b3
dbec46d9975/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1290. https://fastdial.net/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 99842%0d%0af2ee3485828 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/99842%0d%0af2ee3485828/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:04:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/99842
f2ee3485828/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1291. https://fastdial.net/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 9df09%0d%0a5297809a5ea was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/common/9df09%0d%0a5297809a5ea/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:04:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/common/9df09
5297809a5ea/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1292. https://fastdial.net/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 9 is copied into the Location response header. The payload ba2a3%0d%0ad0b5973fb03 was submitted in the REST URL parameter 9. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/common/styles/ba2a3%0d%0ad0b5973fb03/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/common/styles/ba2a3
d0b5973fb03/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1293. https://fastdial.net/static/styles/common/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 24057%0d%0aea702f2bc26 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /24057%0d%0aea702f2bc26/styles/common/styles/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:29 GMT
Server: Apache
Location: http://fastdial.net/24057
ea702f2bc26/styles/common/styles/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1294. https://fastdial.net/static/styles/common/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload eef0b%0d%0a7741c8e489c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/eef0b%0d%0a7741c8e489c/common/styles/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:46 GMT
Server: Apache
Location: http://fastdial.net/static/eef0b
7741c8e489c/common/styles/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1295. https://fastdial.net/static/styles/common/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1e5bf%0d%0ac2f7af7334d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1e5bf%0d%0ac2f7af7334d/styles/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1e5bf
c2f7af7334d/styles/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1296. https://fastdial.net/static/styles/common/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 30dfa%0d%0a97a3d331550 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/30dfa%0d%0a97a3d331550/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:04:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/30dfa
97a3d331550/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1297. https://fastdial.net/static/styles/common/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b5dab%0d%0abc9ef41576f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/b5dab%0d%0abc9ef41576f/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:04:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/b5dab
bc9ef41576f/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1298. https://fastdial.net/static/styles/common/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload afa81%0d%0ac692953d7e1 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/afa81%0d%0ac692953d7e1/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:04:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/afa81
c692953d7e1/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1299. https://fastdial.net/static/styles/common/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload ad360%0d%0ab8a91643a4a was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/ad360%0d%0ab8a91643a4a/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/ad360
b8a91643a4a/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1300. https://fastdial.net/static/styles/common/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 50747%0d%0a3b55133668 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/common/50747%0d%0a3b55133668/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:05:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/common/50747
3b55133668/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1301. https://fastdial.net/static/styles/common/styles/common/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload db08e%0d%0a6b778ac28f3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /db08e%0d%0a6b778ac28f3/styles/common/styles/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:10:11 GMT
Server: Apache
Location: http://fastdial.net/db08e
6b778ac28f3/styles/common/styles/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1302. https://fastdial.net/static/styles/common/styles/common/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b9b27%0d%0a95fbc61a9bb was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b9b27%0d%0a95fbc61a9bb/common/styles/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:10:31 GMT
Server: Apache
Location: http://fastdial.net/static/b9b27
95fbc61a9bb/common/styles/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1303. https://fastdial.net/static/styles/common/styles/common/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload df36b%0d%0a7d7b8416b7e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/df36b%0d%0a7d7b8416b7e/styles/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:10:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/df36b
7d7b8416b7e/styles/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1304. https://fastdial.net/static/styles/common/styles/common/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2ba61%0d%0a839fc8005d6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/2ba61%0d%0a839fc8005d6/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:11:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/2ba61
839fc8005d6/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1305. https://fastdial.net/static/styles/common/styles/common/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ad318%0d%0a423c3730eee was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/ad318%0d%0a423c3730eee/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:11:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/ad318
423c3730eee/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1306. https://fastdial.net/static/styles/common/styles/common/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d6413%0d%0acf5cab6878e was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/d6413%0d%0acf5cab6878e/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:11:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/d6413
cf5cab6878e/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1307. https://fastdial.net/static/styles/common/styles/common/images/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 95461%0d%0a066705b1532 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/95461%0d%0a066705b1532/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/95461
066705b1532/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1308. https://fastdial.net/static/styles/common/styles/common/images/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload e8f54%0d%0aea56f58a5bb was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/images/e8f54%0d%0aea56f58a5bb/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/images/e8f54
ea56f58a5bb/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1309. https://fastdial.net/static/styles/common/styles/common/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 649df%0d%0a879c392470f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /649df%0d%0a879c392470f/styles/common/styles/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:10:35 GMT
Server: Apache
Location: http://fastdial.net/649df
879c392470f/styles/common/styles/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1310. https://fastdial.net/static/styles/common/styles/common/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 35f73%0d%0ace6977d344c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/35f73%0d%0ace6977d344c/common/styles/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:10:47 GMT
Server: Apache
Location: http://fastdial.net/static/35f73
ce6977d344c/common/styles/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1311. https://fastdial.net/static/styles/common/styles/common/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a4dd6%0d%0a64e9f5822f7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a4dd6%0d%0a64e9f5822f7/styles/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:11:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a4dd6
64e9f5822f7/styles/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1312. https://fastdial.net/static/styles/common/styles/common/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 21f3a%0d%0a8805e27df59 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/21f3a%0d%0a8805e27df59/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:11:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/21f3a
8805e27df59/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1313. https://fastdial.net/static/styles/common/styles/common/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 7fca4%0d%0af7b3c976fb0 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/7fca4%0d%0af7b3c976fb0/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:11:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/7fca4
f7b3c976fb0/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1314. https://fastdial.net/static/styles/common/styles/common/images/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 2cd31%0d%0a559e203db68 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/2cd31%0d%0a559e203db68/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/2cd31
559e203db68/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1315. https://fastdial.net/static/styles/common/styles/common/images/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 83764%0d%0a599ed69939 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/83764%0d%0a599ed69939/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/83764
599ed69939/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1316. https://fastdial.net/static/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ab994%0d%0a6b6ce496fa9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ab994%0d%0a6b6ce496fa9/styles/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:55:33 GMT
Server: Apache
Location: http://fastdial.net/ab994
6b6ce496fa9/styles/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1317. https://fastdial.net/static/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload cb59f%0d%0a629c2b31726 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/cb59f%0d%0a629c2b31726/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:06 GMT
Server: Apache
Location: http://fastdial.net/static/cb59f
629c2b31726/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1318. https://fastdial.net/static/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5496b%0d%0ab3cc57fda5c was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5496b%0d%0ab3cc57fda5c/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5496b
b3cc57fda5c/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1319. https://fastdial.net/static/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 16458%0d%0a4480f8d8b52 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/16458%0d%0a4480f8d8b52/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/16458
4480f8d8b52/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1320. https://fastdial.net/static/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 7154c%0d%0a4eb30fcdafc was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/7154c%0d%0a4eb30fcdafc/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:57:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/7154c
4eb30fcdafc/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1321. https://fastdial.net/static/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 4abd8%0d%0ac3f5bd40793 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/4abd8%0d%0ac3f5bd40793/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:57:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/4abd8
c3f5bd40793/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1322. https://fastdial.net/static/styles/common/styles/common/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8a9a6%0d%0a1ec2e6250f4 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /8a9a6%0d%0a1ec2e6250f4/styles/common/styles/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:09:13 GMT
Server: Apache
Location: http://fastdial.net/8a9a6
1ec2e6250f4/styles/common/styles/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1323. https://fastdial.net/static/styles/common/styles/common/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 10a9b%0d%0a07995f014fe was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/10a9b%0d%0a07995f014fe/common/styles/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:09:26 GMT
Server: Apache
Location: http://fastdial.net/static/10a9b
07995f014fe/common/styles/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1324. https://fastdial.net/static/styles/common/styles/common/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 17446%0d%0a75a2e25a7e3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/17446%0d%0a75a2e25a7e3/styles/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:09:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/17446
75a2e25a7e3/styles/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1325. https://fastdial.net/static/styles/common/styles/common/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 457fb%0d%0addb98fd66cd was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/457fb%0d%0addb98fd66cd/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:09:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/457fb
ddb98fd66cd/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1326. https://fastdial.net/static/styles/common/styles/common/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4b5e9%0d%0a64cc027993c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/4b5e9%0d%0a64cc027993c/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:10:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/4b5e9
64cc027993c/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1327. https://fastdial.net/static/styles/common/styles/common/images/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 99936%0d%0a4eb0c2a0daf was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/99936%0d%0a4eb0c2a0daf/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:10:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/99936
4eb0c2a0daf/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1328. https://fastdial.net/static/styles/common/styles/common/images/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload e6042%0d%0a2a0282bbfaf was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/e6042%0d%0a2a0282bbfaf/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:10:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/e6042
2a0282bbfaf/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1329. https://fastdial.net/static/styles/common/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e01e2%0d%0a919db0a8b55 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e01e2%0d%0a919db0a8b55/styles/common/styles/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:06:29 GMT
Server: Apache
Location: http://fastdial.net/e01e2
919db0a8b55/styles/common/styles/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1330. https://fastdial.net/static/styles/common/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7c6b0%0d%0ac64f1ddcb54 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7c6b0%0d%0ac64f1ddcb54/common/styles/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:36 GMT
Server: Apache
Location: http://fastdial.net/static/7c6b0
c64f1ddcb54/common/styles/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1331. https://fastdial.net/static/styles/common/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 37f00%0d%0a6ef977463ca was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/37f00%0d%0a6ef977463ca/styles/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/37f00
6ef977463ca/styles/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1332. https://fastdial.net/static/styles/common/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9582f%0d%0a1138bcf0c6a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/9582f%0d%0a1138bcf0c6a/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/9582f
1138bcf0c6a/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1333. https://fastdial.net/static/styles/common/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 47b53%0d%0a0e21034057b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/47b53%0d%0a0e21034057b/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/47b53
0e21034057b/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1334. https://fastdial.net/static/styles/common/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 80458%0d%0af3b009beacb was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/80458%0d%0af3b009beacb/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/80458
f3b009beacb/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1335. https://fastdial.net/static/styles/common/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload ae278%0d%0ae36e9abce4f was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/ae278%0d%0ae36e9abce4f/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/ae278
e36e9abce4f/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1336. https://fastdial.net/static/styles/common/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload c59fd%0d%0a09edf3b1f99 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/styles/c59fd%0d%0a09edf3b1f99/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:09:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/styles/c59fd
09edf3b1f99/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1337. https://fastdial.net/static/styles/common/styles/common/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1001a%0d%0ab0272e57e31 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1001a%0d%0ab0272e57e31/styles/common/styles/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:06:58 GMT
Server: Apache
Location: http://fastdial.net/1001a
b0272e57e31/styles/common/styles/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1338. https://fastdial.net/static/styles/common/styles/common/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 29f71%0d%0add06e8cf84f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/29f71%0d%0add06e8cf84f/common/styles/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:30 GMT
Server: Apache
Location: http://fastdial.net/static/29f71
dd06e8cf84f/common/styles/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1339. https://fastdial.net/static/styles/common/styles/common/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 48324%0d%0a132188b54ba was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/48324%0d%0a132188b54ba/styles/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/48324
132188b54ba/styles/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1340. https://fastdial.net/static/styles/common/styles/common/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload ed081%0d%0a859a912484 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/ed081%0d%0a859a912484/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:07:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/ed081
859a912484/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1341. https://fastdial.net/static/styles/common/styles/common/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2e99e%0d%0ae470b8581de was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/2e99e%0d%0ae470b8581de/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/2e99e
e470b8581de/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1342. https://fastdial.net/static/styles/common/styles/common/images/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload abd28%0d%0a5995fa89f1d was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/abd28%0d%0a5995fa89f1d/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/abd28
5995fa89f1d/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1343. https://fastdial.net/static/styles/common/styles/common/images/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload a0655%0d%0a8f4d7a63404 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/images/a0655%0d%0a8f4d7a63404/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:08:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/images/a0655
8f4d7a63404/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1344. https://fastdial.net/static/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 63926%0d%0a1cada759a5c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /63926%0d%0a1cada759a5c/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:54:49 GMT
Server: Apache
Location: http://fastdial.net/63926
1cada759a5c/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1345. https://fastdial.net/static/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload db883%0d%0af26d989c8f9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/db883%0d%0af26d989c8f9/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:55:03 GMT
Server: Apache
Location: http://fastdial.net/static/db883
f26d989c8f9/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1346. https://fastdial.net/static/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b3437%0d%0aa76fa3c9dfa was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b3437%0d%0aa76fa3c9dfa/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:55:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b3437
a76fa3c9dfa/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1347. https://fastdial.net/static/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a614d%0d%0a4a4aef2d852 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/a614d%0d%0a4a4aef2d852/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/a614d
4a4aef2d852/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1348. https://fastdial.net/static/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload d0143%0d%0a54eec205246 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/d0143%0d%0a54eec205246/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/d0143
54eec205246/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1349. https://fastdial.net/static/styles/common/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1a6f9%0d%0a6a04602e754 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1a6f9%0d%0a6a04602e754/styles/common/styles/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:01:39 GMT
Server: Apache
Location: http://fastdial.net/1a6f9
6a04602e754/styles/common/styles/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1350. https://fastdial.net/static/styles/common/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 290e9%0d%0a15ec50064c8 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/290e9%0d%0a15ec50064c8/common/styles/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:01:58 GMT
Server: Apache
Location: http://fastdial.net/static/290e9
15ec50064c8/common/styles/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1351. https://fastdial.net/static/styles/common/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5a370%0d%0ad58bf131225 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5a370%0d%0ad58bf131225/styles/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:02:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5a370
d58bf131225/styles/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1352. https://fastdial.net/static/styles/common/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 88196%0d%0ae9be33149c9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/88196%0d%0ae9be33149c9/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:02:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/88196
e9be33149c9/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1353. https://fastdial.net/static/styles/common/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload fdf7b%0d%0a846a7038ad6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/fdf7b%0d%0a846a7038ad6/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:02:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/fdf7b
846a7038ad6/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1354. https://fastdial.net/static/styles/common/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d096c%0d%0a82698e7a4cb was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/d096c%0d%0a82698e7a4cb/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:02:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/d096c
82698e7a4cb/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1355. https://fastdial.net/static/styles/common/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 57658%0d%0a26aedd01241 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/scripts/57658%0d%0a26aedd01241/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/scripts/57658
26aedd01241/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1356. https://fastdial.net/static/styles/common/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload e08f3%0d%0ab8da81dfd89 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/scripts/images/e08f3%0d%0ab8da81dfd89/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/scripts/images/e08f3
b8da81dfd89/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1357. https://fastdial.net/static/styles/common/styles/common/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 21f67%0d%0a6554a3c8dce was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /21f67%0d%0a6554a3c8dce/styles/common/styles/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:02:39 GMT
Server: Apache
Location: http://fastdial.net/21f67
6554a3c8dce/styles/common/styles/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1358. https://fastdial.net/static/styles/common/styles/common/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 296b4%0d%0a4f8f7670f5f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/296b4%0d%0a4f8f7670f5f/common/styles/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:02:52 GMT
Server: Apache
Location: http://fastdial.net/static/296b4
4f8f7670f5f/common/styles/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1359. https://fastdial.net/static/styles/common/styles/common/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 294e6%0d%0a726f6b23785 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/294e6%0d%0a726f6b23785/styles/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/294e6
726f6b23785/styles/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1360. https://fastdial.net/static/styles/common/styles/common/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d7d8c%0d%0a9dbd84bdb4a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/d7d8c%0d%0a9dbd84bdb4a/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/d7d8c
9dbd84bdb4a/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1361. https://fastdial.net/static/styles/common/styles/common/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload aea3d%0d%0a12ef0d68289 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/aea3d%0d%0a12ef0d68289/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/aea3d
12ef0d68289/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1362. https://fastdial.net/static/styles/common/styles/common/scripts/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 318ae%0d%0a5b8977f58a8 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/318ae%0d%0a5b8977f58a8/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/318ae
5b8977f58a8/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1363. https://fastdial.net/static/styles/common/styles/common/scripts/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d00d0%0d%0a9567bf9fa27 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/scripts/d00d0%0d%0a9567bf9fa27/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:04:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/scripts/d00d0
9567bf9fa27/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1364. https://fastdial.net/static/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8265c%0d%0a240f5938002 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /8265c%0d%0a240f5938002/styles/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:54:39 GMT
Server: Apache
Location: http://fastdial.net/8265c
240f5938002/styles/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1365. https://fastdial.net/static/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 10eba%0d%0aa6760c81af7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/10eba%0d%0aa6760c81af7/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:55:18 GMT
Server: Apache
Location: http://fastdial.net/static/10eba
a6760c81af7/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1366. https://fastdial.net/static/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 829a8%0d%0afaf504c9abd was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/829a8%0d%0afaf504c9abd/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:55:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/829a8
faf504c9abd/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1367. https://fastdial.net/static/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 46c94%0d%0ad3a83e9f248 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/46c94%0d%0ad3a83e9f248/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/46c94
d3a83e9f248/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1368. https://fastdial.net/static/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload df926%0d%0aa9e6b13e98c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/df926%0d%0aa9e6b13e98c/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/df926
a9e6b13e98c/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1369. https://fastdial.net/static/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload f505e%0d%0abbc9f54c172 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/f505e%0d%0abbc9f54c172/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:56:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/f505e
bbc9f54c172/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1370. https://fastdial.net/static/styles/common/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3ecc7%0d%0a7dbb7eb742d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3ecc7%0d%0a7dbb7eb742d/styles/common/styles/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:01:33 GMT
Server: Apache
Location: http://fastdial.net/3ecc7
7dbb7eb742d/styles/common/styles/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1371. https://fastdial.net/static/styles/common/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e07c5%0d%0a1d427017ccd was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e07c5%0d%0a1d427017ccd/common/styles/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:01:49 GMT
Server: Apache
Location: http://fastdial.net/static/e07c5
1d427017ccd/common/styles/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1372. https://fastdial.net/static/styles/common/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 2864d%0d%0a82ab929736 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/2864d%0d%0a82ab929736/styles/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:02:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/2864d
82ab929736/styles/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1373. https://fastdial.net/static/styles/common/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload fd331%0d%0a2fb780689e6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/fd331%0d%0a2fb780689e6/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:02:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/fd331
2fb780689e6/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1374. https://fastdial.net/static/styles/common/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 69c5c%0d%0a77b7ba1d352 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/69c5c%0d%0a77b7ba1d352/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:02:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/69c5c
77b7ba1d352/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1375. https://fastdial.net/static/styles/common/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 97c99%0d%0a68c565f5ccb was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/97c99%0d%0a68c565f5ccb/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:02:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/97c99
68c565f5ccb/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1376. https://fastdial.net/static/styles/common/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload c6f1a%0d%0a6ff239a2e2c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/scripts/c6f1a%0d%0a6ff239a2e2c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:03:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/scripts/c6f1a
6ff239a2e2c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1377. https://fastdial.net/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f5f5f%0d%0aae46c4134e3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f5f5f%0d%0aae46c4134e3/styles/common/styles/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:59:29 GMT
Server: Apache
Location: http://fastdial.net/f5f5f
ae46c4134e3/styles/common/styles/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1378. https://fastdial.net/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload dfc5d%0d%0ad9276d246f9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/dfc5d%0d%0ad9276d246f9/common/styles/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:59:46 GMT
Server: Apache
Location: http://fastdial.net/static/dfc5d
d9276d246f9/common/styles/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1379. https://fastdial.net/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 84ebd%0d%0a271002eb4f5 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/84ebd%0d%0a271002eb4f5/styles/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:00:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/84ebd
271002eb4f5/styles/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1380. https://fastdial.net/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e4746%0d%0abe67bd58544 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/e4746%0d%0abe67bd58544/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:00:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/e4746
be67bd58544/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1381. https://fastdial.net/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2d2ac%0d%0addcd2d3cc35 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/2d2ac%0d%0addcd2d3cc35/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:00:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/2d2ac
ddcd2d3cc35/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1382. https://fastdial.net/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b1158%0d%0a3e5ee863708 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/b1158%0d%0a3e5ee863708/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:00:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/b1158
3e5ee863708/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1383. https://fastdial.net/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 785b3%0d%0a8e7f135502c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/scripts/785b3%0d%0a8e7f135502c/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:01:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/scripts/785b3
8e7f135502c/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1384. https://fastdial.net/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 4c7bc%0d%0a3720e2f59c3 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/scripts/styles/4c7bc%0d%0a3720e2f59c3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:01:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/scripts/styles/4c7bc
3720e2f59c3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1385. https://fastdial.net/static/styles/common/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 733ee%0d%0a14c735b6410 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /733ee%0d%0a14c735b6410/styles/common/styles/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:00:20 GMT
Server: Apache
Location: http://fastdial.net/733ee
14c735b6410/styles/common/styles/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1386. https://fastdial.net/static/styles/common/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 98aa1%0d%0a7d31c8ebfbf was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/98aa1%0d%0a7d31c8ebfbf/common/styles/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:00:35 GMT
Server: Apache
Location: http://fastdial.net/static/98aa1
7d31c8ebfbf/common/styles/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1387. https://fastdial.net/static/styles/common/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5e2de%0d%0ad636befa445 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5e2de%0d%0ad636befa445/styles/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:00:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5e2de
d636befa445/styles/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1388. https://fastdial.net/static/styles/common/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 47b99%0d%0aae13654536d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/47b99%0d%0aae13654536d/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:01:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/47b99
ae13654536d/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1389. https://fastdial.net/static/styles/common/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f57cb%0d%0aa09e0f731ba was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/f57cb%0d%0aa09e0f731ba/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:01:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/f57cb
a09e0f731ba/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1390. https://fastdial.net/static/styles/common/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 81814%0d%0aa0c4f66de94 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/81814%0d%0aa0c4f66de94/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:01:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/81814
a0c4f66de94/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1391. https://fastdial.net/static/styles/common/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 9671d%0d%0a9b658468fdc was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/scripts/9671d%0d%0a9b658468fdc/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:01:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/scripts/9671d
9b658468fdc/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1392. https://fastdial.net/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f23a1%0d%0ae5dad76eeec was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f23a1%0d%0ae5dad76eeec/styles/common/styles/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:29:31 GMT
Server: Apache
Location: http://fastdial.net/f23a1
e5dad76eeec/styles/common/styles/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1393. https://fastdial.net/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1be0a%0d%0abb633c31d7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1be0a%0d%0abb633c31d7/common/styles/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:29:46 GMT
Server: Apache
Location: http://fastdial.net/static/1be0a
bb633c31d7/common/styles/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1394. https://fastdial.net/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5c33c%0d%0aeb540a01d31 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5c33c%0d%0aeb540a01d31/styles/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:30:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5c33c
eb540a01d31/styles/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1395. https://fastdial.net/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9052d%0d%0a324c1c6e1e1 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/9052d%0d%0a324c1c6e1e1/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:30:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/9052d
324c1c6e1e1/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1396. https://fastdial.net/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 55245%0d%0aa31a65c1647 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/55245%0d%0aa31a65c1647/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:30:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/55245
a31a65c1647/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1397. https://fastdial.net/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 4dd85%0d%0a50a50ddc7d0 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/4dd85%0d%0a50a50ddc7d0/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:30:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/4dd85
50a50ddc7d0/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1398. https://fastdial.net/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload ef474%0d%0af60e31f89d5 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/ef474%0d%0af60e31f89d5/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:31:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/ef474
f60e31f89d5/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1399. https://fastdial.net/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 5fbad%0d%0a651d7257f69 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/common/5fbad%0d%0a651d7257f69/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:31:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/common/5fbad
651d7257f69/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1400. https://fastdial.net/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 9 is copied into the Location response header. The payload e49b2%0d%0aa83e2117c0c was submitted in the REST URL parameter 9. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/common/images/e49b2%0d%0aa83e2117c0c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:32:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/common/images/e49b2
a83e2117c0c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1401. https://fastdial.net/static/styles/common/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7cf72%0d%0ac19b83ead8c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7cf72%0d%0ac19b83ead8c/styles/common/styles/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:34:35 GMT
Server: Apache
Location: http://fastdial.net/7cf72
c19b83ead8c/styles/common/styles/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1402. https://fastdial.net/static/styles/common/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 98371%0d%0a4565955316b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/98371%0d%0a4565955316b/common/styles/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:34:46 GMT
Server: Apache
Location: http://fastdial.net/static/98371
4565955316b/common/styles/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1403. https://fastdial.net/static/styles/common/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 92b12%0d%0afc30e5bdd0f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/92b12%0d%0afc30e5bdd0f/styles/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/92b12
fc30e5bdd0f/styles/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1404. https://fastdial.net/static/styles/common/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload deca3%0d%0a3908acde47b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/deca3%0d%0a3908acde47b/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/deca3
3908acde47b/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1405. https://fastdial.net/static/styles/common/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1e85d%0d%0a30fbab31cf3 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/1e85d%0d%0a30fbab31cf3/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/1e85d
30fbab31cf3/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1406. https://fastdial.net/static/styles/common/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 5b939%0d%0a183601e6236 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/5b939%0d%0a183601e6236/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/5b939
183601e6236/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1407. https://fastdial.net/static/styles/common/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d3b9b%0d%0a3fd09df3e70 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/d3b9b%0d%0a3fd09df3e70/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/d3b9b
3fd09df3e70/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1408. https://fastdial.net/static/styles/common/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload d6c3c%0d%0a198628c549a was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/common/d6c3c%0d%0a198628c549a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:36:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/common/d6c3c
198628c549a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1409. https://fastdial.net/static/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload de7dd%0d%0a57a8ae1aaef was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /de7dd%0d%0a57a8ae1aaef/styles/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:53:02 GMT
Server: Apache
Location: http://fastdial.net/de7dd
57a8ae1aaef/styles/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1410. https://fastdial.net/static/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c302c%0d%0a200920158b2 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c302c%0d%0a200920158b2/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:53:17 GMT
Server: Apache
Location: http://fastdial.net/static/c302c
200920158b2/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1411. https://fastdial.net/static/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 39986%0d%0a946879fa487 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/39986%0d%0a946879fa487/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:53:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/39986
946879fa487/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1412. https://fastdial.net/static/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1dcb1%0d%0a7267ded3c9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/1dcb1%0d%0a7267ded3c9/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:53:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/1dcb1
7267ded3c9/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1413. https://fastdial.net/static/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 84263%0d%0a79596150422 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/84263%0d%0a79596150422/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:54:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/84263
79596150422/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1414. https://fastdial.net/static/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d9b95%0d%0a5cdff27b10f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/d9b95%0d%0a5cdff27b10f/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:54:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/d9b95
5cdff27b10f/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1415. https://fastdial.net/static/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 65af4%0d%0abd6c5ef4d25 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/65af4%0d%0abd6c5ef4d25/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:54:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/65af4
bd6c5ef4d25/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1416. https://fastdial.net/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 21a6d%0d%0a105e1475788 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /21a6d%0d%0a105e1475788/styles/common/styles/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:22:05 GMT
Server: Apache
Location: http://fastdial.net/21a6d
105e1475788/styles/common/styles/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1417. https://fastdial.net/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ebd22%0d%0ac85257a1bed was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ebd22%0d%0ac85257a1bed/common/styles/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:24:19 GMT
Server: Apache
Location: http://fastdial.net/static/ebd22
c85257a1bed/common/styles/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1418. https://fastdial.net/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 4cd69%0d%0a75ffb152d67 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/4cd69%0d%0a75ffb152d67/styles/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:24:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/4cd69
75ffb152d67/styles/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1419. https://fastdial.net/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload aeb28%0d%0ae211872498b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/aeb28%0d%0ae211872498b/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:25:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/aeb28
e211872498b/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1420. https://fastdial.net/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 19da6%0d%0a24fe1eb9922 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/19da6%0d%0a24fe1eb9922/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:25:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/19da6
24fe1eb9922/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1421. https://fastdial.net/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 52e06%0d%0a710c4aa28a8 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/52e06%0d%0a710c4aa28a8/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:26:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/52e06
710c4aa28a8/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1422. https://fastdial.net/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 5fdbd%0d%0ab18d00aceda was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/5fdbd%0d%0ab18d00aceda/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:26:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/5fdbd
b18d00aceda/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1423. https://fastdial.net/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 9194c%0d%0a85e8fe81b86 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/common/9194c%0d%0a85e8fe81b86/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:27:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/common/9194c
85e8fe81b86/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1424. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5a9e1%0d%0aadcc5bdccda was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5a9e1%0d%0aadcc5bdccda/styles/common/styles/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:08:29 GMT
Server: Apache
Location: http://fastdial.net/5a9e1
adcc5bdccda/styles/common/styles/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1425. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e6b6e%0d%0a26e81a20012 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e6b6e%0d%0a26e81a20012/common/styles/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:08:46 GMT
Server: Apache
Location: http://fastdial.net/static/e6b6e
26e81a20012/common/styles/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1426. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 91144%0d%0a2f9c72f314b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/91144%0d%0a2f9c72f314b/styles/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:09:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/91144
2f9c72f314b/styles/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1427. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e1337%0d%0afe447a701df was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/e1337%0d%0afe447a701df/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/e1337
fe447a701df/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1428. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 859ad%0d%0a5da9a208b24 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/859ad%0d%0a5da9a208b24/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/859ad
5da9a208b24/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1429. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 11ba1%0d%0a6aa109d140f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/11ba1%0d%0a6aa109d140f/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:10:49 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/11ba1
6aa109d140f/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1430. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 55a6d%0d%0a3826a01c61f was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/55a6d%0d%0a3826a01c61f/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:11:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/55a6d
3826a01c61f/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1431. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload ab904%0d%0a31ede7e88ff was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/common/ab904%0d%0a31ede7e88ff/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:12:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/common/ab904
31ede7e88ff/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1432. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 9 is copied into the Location response header. The payload bc24c%0d%0a63c20c2dd84 was submitted in the REST URL parameter 9. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/common/styles/bc24c%0d%0a63c20c2dd84/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:12:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/common/styles/bc24c
63c20c2dd84/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1433. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7e4eb%0d%0af895c20b1e9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7e4eb%0d%0af895c20b1e9/styles/common/styles/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:18:47 GMT
Server: Apache
Location: http://fastdial.net/7e4eb
f895c20b1e9/styles/common/styles/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1434. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 749cb%0d%0a8fb83375e8f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/749cb%0d%0a8fb83375e8f/common/styles/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:19:09 GMT
Server: Apache
Location: http://fastdial.net/static/749cb
8fb83375e8f/common/styles/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1435. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 15dce%0d%0ae08774c8c9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/15dce%0d%0ae08774c8c9/styles/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:19:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/15dce
e08774c8c9/styles/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1436. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 15892%0d%0ab97a9a43c6d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/15892%0d%0ab97a9a43c6d/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:19:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/15892
b97a9a43c6d/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1437. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f5dad%0d%0aeff14b0680c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/f5dad%0d%0aeff14b0680c/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:19:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/f5dad
eff14b0680c/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1438. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a09c4%0d%0a54d81bd20d6 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/a09c4%0d%0a54d81bd20d6/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:20:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/a09c4
54d81bd20d6/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1439. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload ef53b%0d%0abc55b36e5b6 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/ef53b%0d%0abc55b36e5b6/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:20:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/ef53b
bc55b36e5b6/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1440. https://fastdial.net/static/styles/common/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 8ccdc%0d%0a94ec9a65bcb was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/common/8ccdc%0d%0a94ec9a65bcb/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:20:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/common/8ccdc
94ec9a65bcb/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1441. https://fastdial.net/static/styles/common/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7100a%0d%0a37abd846f4 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7100a%0d%0a37abd846f4/styles/common/styles/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:55:50 GMT
Server: Apache
Location: http://fastdial.net/7100a
37abd846f4/styles/common/styles/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1442. https://fastdial.net/static/styles/common/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 71b71%0d%0a66745bedbbc was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/71b71%0d%0a66745bedbbc/common/styles/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:56:43 GMT
Server: Apache
Location: http://fastdial.net/static/71b71
66745bedbbc/common/styles/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1443. https://fastdial.net/static/styles/common/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 50d81%0d%0a10c505bf8a6 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/50d81%0d%0a10c505bf8a6/styles/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:56:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/50d81
10c505bf8a6/styles/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1444. https://fastdial.net/static/styles/common/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2386e%0d%0ab631ba1add8 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/2386e%0d%0ab631ba1add8/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:57:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/2386e
b631ba1add8/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1445. https://fastdial.net/static/styles/common/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3ad94%0d%0ade0420b6c6b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/3ad94%0d%0ade0420b6c6b/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:57:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/3ad94
de0420b6c6b/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1446. https://fastdial.net/static/styles/common/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 34bb0%0d%0a9f9237ebcba was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/34bb0%0d%0a9f9237ebcba/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:57:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/34bb0
9f9237ebcba/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1447. https://fastdial.net/static/styles/common/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d133f%0d%0af80d54a6036 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/d133f%0d%0af80d54a6036/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:58:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/d133f
f80d54a6036/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1448. https://fastdial.net/static/styles/common/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload ce482%0d%0afba70bfd0cb was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/images/ce482%0d%0afba70bfd0cb/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:58:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/images/ce482
fba70bfd0cb/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1449. https://fastdial.net/static/styles/common/styles/common/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1b7f0%0d%0a0882a8df73a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1b7f0%0d%0a0882a8df73a/styles/common/styles/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:59:27 GMT
Server: Apache
Location: http://fastdial.net/1b7f0
0882a8df73a/styles/common/styles/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1450. https://fastdial.net/static/styles/common/styles/common/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 277a9%0d%0ab121586f1e6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/277a9%0d%0ab121586f1e6/common/styles/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:59:42 GMT
Server: Apache
Location: http://fastdial.net/static/277a9
b121586f1e6/common/styles/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1451. https://fastdial.net/static/styles/common/styles/common/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c8075%0d%0a13908afd8cd was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/c8075%0d%0a13908afd8cd/styles/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:00:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/c8075
13908afd8cd/styles/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1452. https://fastdial.net/static/styles/common/styles/common/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1e08a%0d%0ac92b122e4e5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/1e08a%0d%0ac92b122e4e5/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:00:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/1e08a
c92b122e4e5/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1453. https://fastdial.net/static/styles/common/styles/common/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1f507%0d%0aa8cf3210943 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/1f507%0d%0aa8cf3210943/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:00:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/1f507
a8cf3210943/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1454. https://fastdial.net/static/styles/common/styles/common/styles/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload cd89c%0d%0a007e24cdbf9 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/cd89c%0d%0a007e24cdbf9/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:00:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/cd89c
007e24cdbf9/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1455. https://fastdial.net/static/styles/common/styles/common/styles/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload cbfd6%0d%0aac3186bfe28 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/cbfd6%0d%0aac3186bfe28/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:01:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/cbfd6
ac3186bfe28/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1456. https://fastdial.net/static/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9bcdf%0d%0a2af3b43e33e was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9bcdf%0d%0a2af3b43e33e/styles/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:52:51 GMT
Server: Apache
Location: http://fastdial.net/9bcdf
2af3b43e33e/styles/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1457. https://fastdial.net/static/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 88044%0d%0acdbaacd5aff was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/88044%0d%0acdbaacd5aff/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:53:07 GMT
Server: Apache
Location: http://fastdial.net/static/88044
cdbaacd5aff/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1458. https://fastdial.net/static/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 7ea85%0d%0aa0dbcdbf17 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/7ea85%0d%0aa0dbcdbf17/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:53:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/7ea85
a0dbcdbf17/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1459. https://fastdial.net/static/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 55c84%0d%0ae5e85f62d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/55c84%0d%0ae5e85f62d/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:53:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/55c84
e5e85f62d/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1460. https://fastdial.net/static/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 60ef8%0d%0a3efae59c8f1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/60ef8%0d%0a3efae59c8f1/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:53:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/60ef8
3efae59c8f1/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1461. https://fastdial.net/static/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload ad651%0d%0a24a751baca2 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/ad651%0d%0a24a751baca2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:53:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/ad651
24a751baca2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1462. https://fastdial.net/static/styles/common/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5c6b1%0d%0abdf482dd4b1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5c6b1%0d%0abdf482dd4b1/styles/common/styles/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:50:51 GMT
Server: Apache
Location: http://fastdial.net/5c6b1
bdf482dd4b1/styles/common/styles/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1463. https://fastdial.net/static/styles/common/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 31bda%0d%0ab3e88ab8c6f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/31bda%0d%0ab3e88ab8c6f/common/styles/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:51:05 GMT
Server: Apache
Location: http://fastdial.net/static/31bda
b3e88ab8c6f/common/styles/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1464. https://fastdial.net/static/styles/common/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e9293%0d%0a87f8c524a97 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/e9293%0d%0a87f8c524a97/styles/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:51:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/e9293
87f8c524a97/styles/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1465. https://fastdial.net/static/styles/common/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 64ce2%0d%0a1fdf859cbd8 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/64ce2%0d%0a1fdf859cbd8/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:51:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/64ce2
1fdf859cbd8/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1466. https://fastdial.net/static/styles/common/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 608a4%0d%0a6e4510943e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/608a4%0d%0a6e4510943e/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:51:49 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/608a4
6e4510943e/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1467. https://fastdial.net/static/styles/common/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 98f14%0d%0a83e5c39f2cc was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/98f14%0d%0a83e5c39f2cc/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:52:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/98f14
83e5c39f2cc/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1468. https://fastdial.net/static/styles/common/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload be46b%0d%0a156685b69ae was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/be46b%0d%0a156685b69ae/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:52:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/be46b
156685b69ae/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1469. https://fastdial.net/static/styles/common/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload cc2c9%0d%0aed3f771d44d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /cc2c9%0d%0aed3f771d44d/styles/common/styles/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:35 GMT
Server: Apache
Location: http://fastdial.net/cc2c9
ed3f771d44d/styles/common/styles/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1470. https://fastdial.net/static/styles/common/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5ca62%0d%0a6578b860d18 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5ca62%0d%0a6578b860d18/common/styles/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:49 GMT
Server: Apache
Location: http://fastdial.net/static/5ca62
6578b860d18/common/styles/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1471. https://fastdial.net/static/styles/common/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 399a9%0d%0a09720e9648 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/399a9%0d%0a09720e9648/styles/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/399a9
09720e9648/styles/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1472. https://fastdial.net/static/styles/common/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6a9e5%0d%0a0a08a9c6f85 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/6a9e5%0d%0a0a08a9c6f85/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/6a9e5
0a08a9c6f85/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1473. https://fastdial.net/static/styles/common/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c971f%0d%0ac2075e57b99 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/c971f%0d%0ac2075e57b99/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/c971f
c2075e57b99/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1474. https://fastdial.net/static/styles/common/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload f30b2%0d%0add18b644ba4 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/f30b2%0d%0add18b644ba4/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/f30b2
dd18b644ba4/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1475. https://fastdial.net/static/styles/common/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 3b9cd%0d%0afd785492110 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/3b9cd%0d%0afd785492110/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:40:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/3b9cd
fd785492110/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1476. https://fastdial.net/static/styles/common/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload f6cce%0d%0aa92b1596add was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/styles/f6cce%0d%0aa92b1596add/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:40:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/styles/f6cce
a92b1596add/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1477. https://fastdial.net/static/styles/common/styles/common/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 23581%0d%0a50f0c6c6278 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /23581%0d%0a50f0c6c6278/styles/common/styles/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:45:56 GMT
Server: Apache
Location: http://fastdial.net/23581
50f0c6c6278/styles/common/styles/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1478. https://fastdial.net/static/styles/common/styles/common/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3afd1%0d%0a7eb00e76d9c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3afd1%0d%0a7eb00e76d9c/common/styles/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:46:12 GMT
Server: Apache
Location: http://fastdial.net/static/3afd1
7eb00e76d9c/common/styles/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1479. https://fastdial.net/static/styles/common/styles/common/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 622a5%0d%0a92dc44c7ce9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/622a5%0d%0a92dc44c7ce9/styles/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:46:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/622a5
92dc44c7ce9/styles/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1480. https://fastdial.net/static/styles/common/styles/common/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b6a8e%0d%0aa317d71860d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/b6a8e%0d%0aa317d71860d/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:46:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/b6a8e
a317d71860d/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1481. https://fastdial.net/static/styles/common/styles/common/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5d690%0d%0a472962e0afe was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/5d690%0d%0a472962e0afe/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:46:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/5d690
472962e0afe/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1482. https://fastdial.net/static/styles/common/styles/common/styles/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 98ef6%0d%0a5e52aad2276 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/98ef6%0d%0a5e52aad2276/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:47:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/98ef6
5e52aad2276/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1483. https://fastdial.net/static/styles/common/styles/common/styles/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 64d7c%0d%0a85403d5336c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/common/styles/64d7c%0d%0a85403d5336c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:47:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/common/styles/64d7c
85403d5336c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1484. https://fastdial.net/static/styles/common/styles/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 95187%0d%0ac7e4f416ecd was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /95187%0d%0ac7e4f416ecd/styles/common/styles/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:25:45 GMT
Server: Apache
Location: http://fastdial.net/95187
c7e4f416ecd/styles/common/styles/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1485. https://fastdial.net/static/styles/common/styles/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 39d50%0d%0a15e712e146c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/39d50%0d%0a15e712e146c/common/styles/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:00 GMT
Server: Apache
Location: http://fastdial.net/static/39d50
15e712e146c/common/styles/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1486. https://fastdial.net/static/styles/common/styles/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload db79b%0d%0aa84599ea909 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/db79b%0d%0aa84599ea909/styles/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/db79b
a84599ea909/styles/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1487. https://fastdial.net/static/styles/common/styles/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e6e9b%0d%0adc1e20eab5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/e6e9b%0d%0adc1e20eab5/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/e6e9b
dc1e20eab5/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1488. https://fastdial.net/static/styles/common/styles/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload cfa0b%0d%0ae151e8fdba3 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/cfa0b%0d%0ae151e8fdba3/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:27:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/cfa0b
e151e8fdba3/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1489. https://fastdial.net/static/styles/common/styles/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 21b43%0d%0a7bc58a1e653 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/21b43%0d%0a7bc58a1e653/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:28:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/21b43
7bc58a1e653/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1490. https://fastdial.net/static/styles/common/styles/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 658bf%0d%0a81b487ffe90 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/common/658bf%0d%0a81b487ffe90/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:28:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/common/658bf
81b487ffe90/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1491. https://fastdial.net/static/styles/common/styles/images/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 5daac%0d%0a604a116079b was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/common/images/5daac%0d%0a604a116079b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:29:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/common/images/5daac
604a116079b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1492. https://fastdial.net/static/styles/common/styles/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f6335%0d%0af2dea57978a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f6335%0d%0af2dea57978a/styles/common/styles/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:28 GMT
Server: Apache
Location: http://fastdial.net/f6335
f2dea57978a/styles/common/styles/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1493. https://fastdial.net/static/styles/common/styles/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3bb26%0d%0aeacf54c8213 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3bb26%0d%0aeacf54c8213/common/styles/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:39 GMT
Server: Apache
Location: http://fastdial.net/static/3bb26
eacf54c8213/common/styles/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1494. https://fastdial.net/static/styles/common/styles/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a1d41%0d%0ad196d706043 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a1d41%0d%0ad196d706043/styles/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a1d41
d196d706043/styles/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1495. https://fastdial.net/static/styles/common/styles/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4d286%0d%0acb52af07157 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/4d286%0d%0acb52af07157/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:27:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/4d286
cb52af07157/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1496. https://fastdial.net/static/styles/common/styles/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c5ff1%0d%0a20d3924f718 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/c5ff1%0d%0a20d3924f718/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:28:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/c5ff1
20d3924f718/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1497. https://fastdial.net/static/styles/common/styles/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 4c92b%0d%0ab3546370e36 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/4c92b%0d%0ab3546370e36/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:28:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/4c92b
b3546370e36/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1498. https://fastdial.net/static/styles/common/styles/images/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload fccec%0d%0a7771d183195 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/common/fccec%0d%0a7771d183195/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:29:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/common/fccec
7771d183195/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1499. https://fastdial.net/static/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload bb2fc%0d%0aaf730b1cfce was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /bb2fc%0d%0aaf730b1cfce/styles/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:59:40 GMT
Server: Apache
Location: http://fastdial.net/bb2fc
af730b1cfce/styles/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1500. https://fastdial.net/static/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ccf8a%0d%0a3abec64d979 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ccf8a%0d%0a3abec64d979/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:00:18 GMT
Server: Apache
Location: http://fastdial.net/static/ccf8a
3abec64d979/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1501. https://fastdial.net/static/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ef816%0d%0a0282ab59dda was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ef816%0d%0a0282ab59dda/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:00:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ef816
0282ab59dda/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1502. https://fastdial.net/static/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 77a09%0d%0ad341ed28897 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/77a09%0d%0ad341ed28897/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:00:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/77a09
d341ed28897/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1503. https://fastdial.net/static/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c55dd%0d%0a0ef2a8ac1dd was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/c55dd%0d%0a0ef2a8ac1dd/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:01:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/c55dd
0ef2a8ac1dd/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1504. https://fastdial.net/static/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 36e0c%0d%0aa7b9156f0fe was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/36e0c%0d%0aa7b9156f0fe/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:01:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/36e0c
a7b9156f0fe/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1505. https://fastdial.net/static/styles/common/styles/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c45d2%0d%0a70f0316f6e9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c45d2%0d%0a70f0316f6e9/styles/common/styles/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:22:32 GMT
Server: Apache
Location: http://fastdial.net/c45d2
70f0316f6e9/styles/common/styles/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1506. https://fastdial.net/static/styles/common/styles/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3bc41%0d%0a3d34a5642ed was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3bc41%0d%0a3d34a5642ed/common/styles/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:08 GMT
Server: Apache
Location: http://fastdial.net/static/3bc41
3d34a5642ed/common/styles/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1507. https://fastdial.net/static/styles/common/styles/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d6673%0d%0af363c73fb39 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/d6673%0d%0af363c73fb39/styles/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/d6673
f363c73fb39/styles/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1508. https://fastdial.net/static/styles/common/styles/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9f35f%0d%0a8893ed38942 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/9f35f%0d%0a8893ed38942/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/9f35f
8893ed38942/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1509. https://fastdial.net/static/styles/common/styles/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e9cd7%0d%0ac4f488e2d7d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/e9cd7%0d%0ac4f488e2d7d/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/e9cd7
c4f488e2d7d/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1510. https://fastdial.net/static/styles/common/styles/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 8738e%0d%0aa8da137d269 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/8738e%0d%0aa8da137d269/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:24:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/8738e
a8da137d269/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1511. https://fastdial.net/static/styles/common/styles/images/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload b2057%0d%0a31b94cf05af was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/common/b2057%0d%0a31b94cf05af/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:24:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/common/b2057
31b94cf05af/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1512. https://fastdial.net/static/styles/common/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c6fae%0d%0a5167a6472b9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c6fae%0d%0a5167a6472b9/styles/common/styles/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:21:50 GMT
Server: Apache
Location: http://fastdial.net/c6fae
5167a6472b9/styles/common/styles/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1513. https://fastdial.net/static/styles/common/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 293d9%0d%0af561c58827d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/293d9%0d%0af561c58827d/common/styles/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:22:31 GMT
Server: Apache
Location: http://fastdial.net/static/293d9
f561c58827d/common/styles/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1514. https://fastdial.net/static/styles/common/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5aee8%0d%0a31083853915 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5aee8%0d%0a31083853915/styles/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5aee8
31083853915/styles/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1515. https://fastdial.net/static/styles/common/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7da08%0d%0a667cc29b3e0 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/7da08%0d%0a667cc29b3e0/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/7da08
667cc29b3e0/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1516. https://fastdial.net/static/styles/common/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6fd39%0d%0abe76cd0d895 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/6fd39%0d%0abe76cd0d895/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/6fd39
be76cd0d895/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1517. https://fastdial.net/static/styles/common/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload eceac%0d%0a01655a44d02 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/eceac%0d%0a01655a44d02/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/eceac
01655a44d02/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1518. https://fastdial.net/static/styles/common/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 4f1e5%0d%0a819c5f1f522 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/common/4f1e5%0d%0a819c5f1f522/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:24:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/common/4f1e5
819c5f1f522/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1519. https://fastdial.net/static/styles/common/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload fe806%0d%0a34037d87bb5 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/common/styles/fe806%0d%0a34037d87bb5/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:24:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/common/styles/fe806
34037d87bb5/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1520. https://fastdial.net/static/styles/common/styles/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6f3db%0d%0a4f01a7b445f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6f3db%0d%0a4f01a7b445f/styles/common/styles/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:22:01 GMT
Server: Apache
Location: http://fastdial.net/6f3db
4f01a7b445f/styles/common/styles/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1521. https://fastdial.net/static/styles/common/styles/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f52e8%0d%0a265b35183de was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f52e8%0d%0a265b35183de/common/styles/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:08 GMT
Server: Apache
Location: http://fastdial.net/static/f52e8
265b35183de/common/styles/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1522. https://fastdial.net/static/styles/common/styles/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 42077%0d%0a6f0092590e4 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/42077%0d%0a6f0092590e4/styles/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/42077
6f0092590e4/styles/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1523. https://fastdial.net/static/styles/common/styles/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload ac19d%0d%0a55855ca924d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/ac19d%0d%0a55855ca924d/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/ac19d
55855ca924d/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1524. https://fastdial.net/static/styles/common/styles/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload be508%0d%0ae282bbf2224 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/be508%0d%0ae282bbf2224/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/be508
e282bbf2224/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1525. https://fastdial.net/static/styles/common/styles/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1bbee%0d%0a83280be5309 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/1bbee%0d%0a83280be5309/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:24:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/1bbee
83280be5309/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1526. https://fastdial.net/static/styles/common/styles/images/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 73a22%0d%0a9b255ad6b8f was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/common/73a22%0d%0a9b255ad6b8f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:24:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/common/73a22
9b255ad6b8f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1527. https://fastdial.net/static/styles/common/styles/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 73dcd%0d%0ad5f65431918 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /73dcd%0d%0ad5f65431918/styles/common/styles/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:30:26 GMT
Server: Apache
Location: http://fastdial.net/73dcd
d5f65431918/styles/common/styles/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1528. https://fastdial.net/static/styles/common/styles/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d70a6%0d%0a9fb10261588 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d70a6%0d%0a9fb10261588/common/styles/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:30:43 GMT
Server: Apache
Location: http://fastdial.net/static/d70a6
9fb10261588/common/styles/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1529. https://fastdial.net/static/styles/common/styles/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 7863f%0d%0af8b4e6f4f9b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/7863f%0d%0af8b4e6f4f9b/styles/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:30:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/7863f
f8b4e6f4f9b/styles/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1530. https://fastdial.net/static/styles/common/styles/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8800f%0d%0a1c0fee079e9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/8800f%0d%0a1c0fee079e9/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:31:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/8800f
1c0fee079e9/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1531. https://fastdial.net/static/styles/common/styles/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 41786%0d%0ae4eb9cf7d3b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/41786%0d%0ae4eb9cf7d3b/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:31:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/41786
e4eb9cf7d3b/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1532. https://fastdial.net/static/styles/common/styles/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload efeea%0d%0a7a8d0a9e3c5 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/efeea%0d%0a7a8d0a9e3c5/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:31:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/efeea
7a8d0a9e3c5/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1533. https://fastdial.net/static/styles/common/styles/images/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 4aa1f%0d%0a7e679dea2c2 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/images/4aa1f%0d%0a7e679dea2c2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/images/4aa1f
7e679dea2c2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1534. https://fastdial.net/static/styles/common/styles/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7350c%0d%0a209af7c3c1b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7350c%0d%0a209af7c3c1b/styles/common/styles/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:30:49 GMT
Server: Apache
Location: http://fastdial.net/7350c
209af7c3c1b/styles/common/styles/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1535. https://fastdial.net/static/styles/common/styles/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f6415%0d%0a2b972f4e9f5 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f6415%0d%0a2b972f4e9f5/common/styles/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:31:05 GMT
Server: Apache
Location: http://fastdial.net/static/f6415
2b972f4e9f5/common/styles/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1536. https://fastdial.net/static/styles/common/styles/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 11c56%0d%0a828581e400f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/11c56%0d%0a828581e400f/styles/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:31:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/11c56
828581e400f/styles/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1537. https://fastdial.net/static/styles/common/styles/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 71c99%0d%0a28b55bfdde6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/71c99%0d%0a28b55bfdde6/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:31:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/71c99
28b55bfdde6/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1538. https://fastdial.net/static/styles/common/styles/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1cc69%0d%0a74df5b8fc2f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/1cc69%0d%0a74df5b8fc2f/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:31:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/1cc69
74df5b8fc2f/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1539. https://fastdial.net/static/styles/common/styles/images/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 35ece%0d%0a2e2fd61d027 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/35ece%0d%0a2e2fd61d027/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:32:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/35ece
2e2fd61d027/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1540. https://fastdial.net/static/styles/common/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload cfc3b%0d%0a1f9c69a4256 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /cfc3b%0d%0a1f9c69a4256/styles/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:59:48 GMT
Server: Apache
Location: http://fastdial.net/cfc3b
1f9c69a4256/styles/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1541. https://fastdial.net/static/styles/common/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a14de%0d%0a66d980c5b16 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a14de%0d%0a66d980c5b16/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:00:27 GMT
Server: Apache
Location: http://fastdial.net/static/a14de
66d980c5b16/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1542. https://fastdial.net/static/styles/common/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e5c23%0d%0ac9a88e2eea0 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/e5c23%0d%0ac9a88e2eea0/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:00:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/e5c23
c9a88e2eea0/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1543. https://fastdial.net/static/styles/common/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 41cc1%0d%0ae45161af20b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/41cc1%0d%0ae45161af20b/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:01:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/41cc1
e45161af20b/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1544. https://fastdial.net/static/styles/common/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 73a5c%0d%0a20fc24a1f2 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/73a5c%0d%0a20fc24a1f2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:01:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/73a5c
20fc24a1f2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1545. https://fastdial.net/static/styles/common/styles/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 76e2f%0d%0a2db70147bbd was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /76e2f%0d%0a2db70147bbd/styles/common/styles/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:48 GMT
Server: Apache
Location: http://fastdial.net/76e2f
2db70147bbd/styles/common/styles/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1546. https://fastdial.net/static/styles/common/styles/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1070e%0d%0a06a09657d14 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1070e%0d%0a06a09657d14/common/styles/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:27:02 GMT
Server: Apache
Location: http://fastdial.net/static/1070e
06a09657d14/common/styles/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1547. https://fastdial.net/static/styles/common/styles/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 8e378%0d%0aa1d8bfb8658 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/8e378%0d%0aa1d8bfb8658/styles/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:28:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/8e378
a1d8bfb8658/styles/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1548. https://fastdial.net/static/styles/common/styles/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 44abd%0d%0ad8b53c5c6b9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/44abd%0d%0ad8b53c5c6b9/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:28:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/44abd
d8b53c5c6b9/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1549. https://fastdial.net/static/styles/common/styles/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 7038c%0d%0af33860cf9f0 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/7038c%0d%0af33860cf9f0/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:29:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/7038c
f33860cf9f0/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1550. https://fastdial.net/static/styles/common/styles/images/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b622c%0d%0a7347285bec7 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/b622c%0d%0a7347285bec7/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:29:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/b622c
7347285bec7/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1551. https://fastdial.net/static/styles/common/styles/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload da188%0d%0a3de72d4b1c7 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /da188%0d%0a3de72d4b1c7/styles/common/styles/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:27 GMT
Server: Apache
Location: http://fastdial.net/da188
3de72d4b1c7/styles/common/styles/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1552. https://fastdial.net/static/styles/common/styles/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 21587%0d%0a2e4703b8cb3 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/21587%0d%0a2e4703b8cb3/common/styles/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:45 GMT
Server: Apache
Location: http://fastdial.net/static/21587
2e4703b8cb3/common/styles/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1553. https://fastdial.net/static/styles/common/styles/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload aea71%0d%0aa01e8e87698 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/aea71%0d%0aa01e8e87698/styles/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/aea71
a01e8e87698/styles/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1554. https://fastdial.net/static/styles/common/styles/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload ca5d2%0d%0ad65c38d042b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/ca5d2%0d%0ad65c38d042b/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:27:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/ca5d2
d65c38d042b/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1555. https://fastdial.net/static/styles/common/styles/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload bfd10%0d%0a7374123cebc was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/bfd10%0d%0a7374123cebc/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:28:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/bfd10
7374123cebc/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1556. https://fastdial.net/static/styles/common/styles/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload c82be%0d%0af59883e6a85 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/c82be%0d%0af59883e6a85/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:28:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/c82be
f59883e6a85/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1557. https://fastdial.net/static/styles/common/styles/images/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 1bda2%0d%0a2b955691c1 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/styles/1bda2%0d%0a2b955691c1/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:29:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/styles/1bda2
2b955691c1/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1558. https://fastdial.net/static/styles/common/styles/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a891f%0d%0a99f5f516231 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a891f%0d%0a99f5f516231/styles/common/styles/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:34 GMT
Server: Apache
Location: http://fastdial.net/a891f
99f5f516231/styles/common/styles/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1559. https://fastdial.net/static/styles/common/styles/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c734d%0d%0af1739c40086 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c734d%0d%0af1739c40086/common/styles/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:26:52 GMT
Server: Apache
Location: http://fastdial.net/static/c734d
f1739c40086/common/styles/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1560. https://fastdial.net/static/styles/common/styles/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ae41a%0d%0ac008c54e0a was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ae41a%0d%0ac008c54e0a/styles/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:27:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ae41a
c008c54e0a/styles/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1561. https://fastdial.net/static/styles/common/styles/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f8b2f%0d%0ab007c03d196 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/f8b2f%0d%0ab007c03d196/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:28:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/f8b2f
b007c03d196/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1562. https://fastdial.net/static/styles/common/styles/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 26467%0d%0a10302c4352e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/26467%0d%0a10302c4352e/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:28:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/26467
10302c4352e/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1563. https://fastdial.net/static/styles/common/styles/images/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 6914d%0d%0a68c2e050ae was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/images/6914d%0d%0a68c2e050ae/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:29:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/images/6914d
68c2e050ae/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1564. https://fastdial.net/static/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload caf60%0d%0a897cfb08411 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /caf60%0d%0a897cfb08411/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:59:26 GMT
Server: Apache
Location: http://fastdial.net/caf60
897cfb08411/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1565. https://fastdial.net/static/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a7d00%0d%0ac7e52db3cd8 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a7d00%0d%0ac7e52db3cd8/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:59:40 GMT
Server: Apache
Location: http://fastdial.net/static/a7d00
c7e52db3cd8/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1566. https://fastdial.net/static/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 4d0da%0d%0a587829d519d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/4d0da%0d%0a587829d519d/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:00:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/4d0da
587829d519d/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1567. https://fastdial.net/static/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d89ce%0d%0ae5412255fad was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/d89ce%0d%0ae5412255fad/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:00:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/d89ce
e5412255fad/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1568. https://fastdial.net/static/styles/common/styles/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3436b%0d%0a1380b58d2ce was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3436b%0d%0a1380b58d2ce/styles/common/styles/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:21:22 GMT
Server: Apache
Location: http://fastdial.net/3436b
1380b58d2ce/styles/common/styles/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1569. https://fastdial.net/static/styles/common/styles/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5072a%0d%0a48ba2fa1ecb was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5072a%0d%0a48ba2fa1ecb/common/styles/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:08 GMT
Server: Apache
Location: http://fastdial.net/static/5072a
48ba2fa1ecb/common/styles/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1570. https://fastdial.net/static/styles/common/styles/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9df04%0d%0a7ca7f33eab4 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/9df04%0d%0a7ca7f33eab4/styles/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/9df04
7ca7f33eab4/styles/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1571. https://fastdial.net/static/styles/common/styles/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 53f15%0d%0a872c030e381 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/53f15%0d%0a872c030e381/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/53f15
872c030e381/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1572. https://fastdial.net/static/styles/common/styles/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c41ce%0d%0a46cb35ff75c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/c41ce%0d%0a46cb35ff75c/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/c41ce
46cb35ff75c/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1573. https://fastdial.net/static/styles/common/styles/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 29615%0d%0a114f3c7e06d was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/scripts/29615%0d%0a114f3c7e06d/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:24:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/scripts/29615
114f3c7e06d/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1574. https://fastdial.net/static/styles/common/styles/scripts/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 27625%0d%0a1f167f17508 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/scripts/images/27625%0d%0a1f167f17508/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:24:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/scripts/images/27625
1f167f17508/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1575. https://fastdial.net/static/styles/common/styles/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e3c32%0d%0a368270473d8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e3c32%0d%0a368270473d8/styles/common/styles/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:21:40 GMT
Server: Apache
Location: http://fastdial.net/e3c32
368270473d8/styles/common/styles/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1576. https://fastdial.net/static/styles/common/styles/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload bb78b%0d%0a5d9914f53a7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/bb78b%0d%0a5d9914f53a7/common/styles/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:17 GMT
Server: Apache
Location: http://fastdial.net/static/bb78b
5d9914f53a7/common/styles/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1577. https://fastdial.net/static/styles/common/styles/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 4a800%0d%0a759348b3882 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/4a800%0d%0a759348b3882/styles/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/4a800
759348b3882/styles/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1578. https://fastdial.net/static/styles/common/styles/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8c8f8%0d%0a57ed935a2 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/8c8f8%0d%0a57ed935a2/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:23:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/8c8f8
57ed935a2/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1579. https://fastdial.net/static/styles/common/styles/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1e4b9%0d%0a40fee428e59 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/1e4b9%0d%0a40fee428e59/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:24:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/1e4b9
40fee428e59/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1580. https://fastdial.net/static/styles/common/styles/scripts/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7744b%0d%0abc096ffd56d was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/scripts/7744b%0d%0abc096ffd56d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:24:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/scripts/7744b
bc096ffd56d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1581. https://fastdial.net/static/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3427f%0d%0aae3d70d7079 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3427f%0d%0aae3d70d7079/styles/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:59:24 GMT
Server: Apache
Location: http://fastdial.net/3427f
ae3d70d7079/styles/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1582. https://fastdial.net/static/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 302bf%0d%0a7fc0c0379f0 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/302bf%0d%0a7fc0c0379f0/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:00:17 GMT
Server: Apache
Location: http://fastdial.net/static/302bf
7fc0c0379f0/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1583. https://fastdial.net/static/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a2ac0%0d%0a6cb2e7f185b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a2ac0%0d%0a6cb2e7f185b/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:00:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a2ac0
6cb2e7f185b/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1584. https://fastdial.net/static/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload fc754%0d%0a606d18c0613 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/fc754%0d%0a606d18c0613/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:00:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/fc754
606d18c0613/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1585. https://fastdial.net/static/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 22b79%0d%0aca85fc52a15 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/22b79%0d%0aca85fc52a15/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:01:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/22b79
ca85fc52a15/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1586. https://fastdial.net/static/styles/common/styles/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8521c%0d%0a8ce5625606f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /8521c%0d%0a8ce5625606f/styles/common/styles/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:39 GMT
Server: Apache
Location: http://fastdial.net/8521c
8ce5625606f/styles/common/styles/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1587. https://fastdial.net/static/styles/common/styles/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ce712%0d%0a342cf69b350 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ce712%0d%0a342cf69b350/common/styles/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:52 GMT
Server: Apache
Location: http://fastdial.net/static/ce712
342cf69b350/common/styles/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1588. https://fastdial.net/static/styles/common/styles/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 401f9%0d%0a5052428d674 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/401f9%0d%0a5052428d674/styles/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:20:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/401f9
5052428d674/styles/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1589. https://fastdial.net/static/styles/common/styles/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c7fc5%0d%0adfed4979cdc was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/c7fc5%0d%0adfed4979cdc/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:20:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/c7fc5
dfed4979cdc/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1590. https://fastdial.net/static/styles/common/styles/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload fce85%0d%0a6302b74d4e1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/fce85%0d%0a6302b74d4e1/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:20:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/fce85
6302b74d4e1/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1591. https://fastdial.net/static/styles/common/styles/scripts/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload fd38a%0d%0ae7aac3d48f4 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/scripts/fd38a%0d%0ae7aac3d48f4/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:20:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/scripts/fd38a
e7aac3d48f4/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1592. https://fastdial.net/static/styles/common/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a795b%0d%0adcacdbb08c8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a795b%0d%0adcacdbb08c8/styles/common/styles/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:18:30 GMT
Server: Apache
Location: http://fastdial.net/a795b
dcacdbb08c8/styles/common/styles/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1593. https://fastdial.net/static/styles/common/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 9504f%0d%0ae09b9b502f0 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/9504f%0d%0ae09b9b502f0/common/styles/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:18:45 GMT
Server: Apache
Location: http://fastdial.net/static/9504f
e09b9b502f0/common/styles/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1594. https://fastdial.net/static/styles/common/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ecaa2%0d%0abc4c533d92f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ecaa2%0d%0abc4c533d92f/styles/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ecaa2
bc4c533d92f/styles/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1595. https://fastdial.net/static/styles/common/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload fb110%0d%0a99a456a297 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/fb110%0d%0a99a456a297/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/fb110
99a456a297/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1596. https://fastdial.net/static/styles/common/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 266e4%0d%0a13344c99001 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/266e4%0d%0a13344c99001/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/266e4
13344c99001/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1597. https://fastdial.net/static/styles/common/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d0fb6%0d%0a5b32b3072d3 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/scripts/d0fb6%0d%0a5b32b3072d3/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:20:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/scripts/d0fb6
5b32b3072d3/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1598. https://fastdial.net/static/styles/common/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 766bc%0d%0aa2af76b0684 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/scripts/styles/766bc%0d%0aa2af76b0684/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:20:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/scripts/styles/766bc
a2af76b0684/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1599. https://fastdial.net/static/styles/common/styles/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1f184%0d%0afa262892913 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1f184%0d%0afa262892913/styles/common/styles/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:18:45 GMT
Server: Apache
Location: http://fastdial.net/1f184
fa262892913/styles/common/styles/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1600. https://fastdial.net/static/styles/common/styles/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f9946%0d%0a09ceb8f0701 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f9946%0d%0a09ceb8f0701/common/styles/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:18:57 GMT
Server: Apache
Location: http://fastdial.net/static/f9946
09ceb8f0701/common/styles/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1601. https://fastdial.net/static/styles/common/styles/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bb314%0d%0ace991218997 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/bb314%0d%0ace991218997/styles/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/bb314
ce991218997/styles/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1602. https://fastdial.net/static/styles/common/styles/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload ec5fa%0d%0ab074f1bf0e9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/ec5fa%0d%0ab074f1bf0e9/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/ec5fa
b074f1bf0e9/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1603. https://fastdial.net/static/styles/common/styles/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6a5eb%0d%0a3d57bcba58c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/6a5eb%0d%0a3d57bcba58c/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:20:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/6a5eb
3d57bcba58c/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1604. https://fastdial.net/static/styles/common/styles/scripts/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload e28e7%0d%0a457bc1cd89e was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/scripts/e28e7%0d%0a457bc1cd89e/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:20:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/scripts/e28e7
457bc1cd89e/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1605. https://fastdial.net/static/styles/common/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8b513%0d%0a59654c503ca was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /8b513%0d%0a59654c503ca/styles/common/styles/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:14:17 GMT
Server: Apache
Location: http://fastdial.net/8b513
59654c503ca/styles/common/styles/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1606. https://fastdial.net/static/styles/common/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3b3e1%0d%0a31ee718ab56 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3b3e1%0d%0a31ee718ab56/common/styles/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:14:34 GMT
Server: Apache
Location: http://fastdial.net/static/3b3e1
31ee718ab56/common/styles/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1607. https://fastdial.net/static/styles/common/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 7c83b%0d%0ad4510235591 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/7c83b%0d%0ad4510235591/styles/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:14:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/7c83b
d4510235591/styles/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1608. https://fastdial.net/static/styles/common/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d1f61%0d%0a75676026478 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/d1f61%0d%0a75676026478/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/d1f61
75676026478/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1609. https://fastdial.net/static/styles/common/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f18ab%0d%0a398eff1db2b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/f18ab%0d%0a398eff1db2b/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/f18ab
398eff1db2b/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1610. https://fastdial.net/static/styles/common/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 8b134%0d%0a2bcabe259e4 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/8b134%0d%0a2bcabe259e4/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/8b134
2bcabe259e4/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1611. https://fastdial.net/static/styles/common/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 8592e%0d%0a444cd722a3 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/common/8592e%0d%0a444cd722a3/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/common/8592e
444cd722a3/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1612. https://fastdial.net/static/styles/common/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload e3be3%0d%0a4299dc77d65 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/common/images/e3be3%0d%0a4299dc77d65/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:16:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/common/images/e3be3
4299dc77d65/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1613. https://fastdial.net/static/styles/common/styles/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ff28b%0d%0a67b82a2785b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ff28b%0d%0a67b82a2785b/styles/common/styles/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:14:57 GMT
Server: Apache
Location: http://fastdial.net/ff28b
67b82a2785b/styles/common/styles/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1614. https://fastdial.net/static/styles/common/styles/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 63015%0d%0a31a0cad1bb7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/63015%0d%0a31a0cad1bb7/common/styles/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:12 GMT
Server: Apache
Location: http://fastdial.net/static/63015
31a0cad1bb7/common/styles/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1615. https://fastdial.net/static/styles/common/styles/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 82a25%0d%0a8bcbfb8810d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/82a25%0d%0a8bcbfb8810d/styles/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/82a25
8bcbfb8810d/styles/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1616. https://fastdial.net/static/styles/common/styles/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 97a0c%0d%0aebf783845d3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/97a0c%0d%0aebf783845d3/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/97a0c
ebf783845d3/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1617. https://fastdial.net/static/styles/common/styles/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 81ddd%0d%0ad1566f4a917 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/81ddd%0d%0ad1566f4a917/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/81ddd
d1566f4a917/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1618. https://fastdial.net/static/styles/common/styles/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload adc6e%0d%0ab64061ec807 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/adc6e%0d%0ab64061ec807/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:16:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/adc6e
b64061ec807/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1619. https://fastdial.net/static/styles/common/styles/styles/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload e91a6%0d%0a0b591acf256 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/common/e91a6%0d%0a0b591acf256/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:16:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/common/e91a6
0b591acf256/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1620. https://fastdial.net/static/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fdb54%0d%0a87cf60b658a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fdb54%0d%0a87cf60b658a/styles/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:57:05 GMT
Server: Apache
Location: http://fastdial.net/fdb54
87cf60b658a/styles/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1621. https://fastdial.net/static/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 91df9%0d%0ad85f4b6312f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/91df9%0d%0ad85f4b6312f/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:57:17 GMT
Server: Apache
Location: http://fastdial.net/static/91df9
d85f4b6312f/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1622. https://fastdial.net/static/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 36f45%0d%0a3baab647782 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/36f45%0d%0a3baab647782/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:57:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/36f45
3baab647782/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1623. https://fastdial.net/static/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c2e51%0d%0a538fac218f0 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/c2e51%0d%0a538fac218f0/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:57:49 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/c2e51
538fac218f0/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1624. https://fastdial.net/static/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e85ac%0d%0a623887c87a1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/e85ac%0d%0a623887c87a1/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:58:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/e85ac
623887c87a1/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1625. https://fastdial.net/static/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 16af0%0d%0a87d6c2bad1d was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/16af0%0d%0a87d6c2bad1d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:58:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/16af0
87d6c2bad1d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1626. https://fastdial.net/static/styles/common/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 20680%0d%0a440e379462 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /20680%0d%0a440e379462/styles/common/styles/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:33 GMT
Server: Apache
Location: http://fastdial.net/20680
440e379462/styles/common/styles/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1627. https://fastdial.net/static/styles/common/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7f174%0d%0a6ff984854e4 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7f174%0d%0a6ff984854e4/common/styles/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:46 GMT
Server: Apache
Location: http://fastdial.net/static/7f174
6ff984854e4/common/styles/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1628. https://fastdial.net/static/styles/common/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 25f77%0d%0a3f718240bdc was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/25f77%0d%0a3f718240bdc/styles/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:13:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/25f77
3f718240bdc/styles/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1629. https://fastdial.net/static/styles/common/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 89d76%0d%0a5446d3902fd was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/89d76%0d%0a5446d3902fd/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:13:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/89d76
5446d3902fd/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1630. https://fastdial.net/static/styles/common/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 8923d%0d%0a1eb5d9f3ac2 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/8923d%0d%0a1eb5d9f3ac2/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:13:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/8923d
1eb5d9f3ac2/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1631. https://fastdial.net/static/styles/common/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 719ba%0d%0af1e135f4204 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/719ba%0d%0af1e135f4204/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:13:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/719ba
f1e135f4204/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1632. https://fastdial.net/static/styles/common/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 99e89%0d%0add831b21e0d was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/common/99e89%0d%0add831b21e0d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:14:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/common/99e89
dd831b21e0d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1633. https://fastdial.net/static/styles/common/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c779b%0d%0ae7db40aff32 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c779b%0d%0ae7db40aff32/styles/common/styles/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:11:00 GMT
Server: Apache
Location: http://fastdial.net/c779b
e7db40aff32/styles/common/styles/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1634. https://fastdial.net/static/styles/common/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 9d66c%0d%0a07c63f27e2a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/9d66c%0d%0a07c63f27e2a/common/styles/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:11:18 GMT
Server: Apache
Location: http://fastdial.net/static/9d66c
07c63f27e2a/common/styles/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1635. https://fastdial.net/static/styles/common/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c6c7c%0d%0a2f7ffd93dc2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/c6c7c%0d%0a2f7ffd93dc2/styles/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:11:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/c6c7c
2f7ffd93dc2/styles/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1636. https://fastdial.net/static/styles/common/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload fb642%0d%0aeae192f4120 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/fb642%0d%0aeae192f4120/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/fb642
eae192f4120/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1637. https://fastdial.net/static/styles/common/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e4268%0d%0a18df3934271 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/e4268%0d%0a18df3934271/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/e4268
18df3934271/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1638. https://fastdial.net/static/styles/common/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 8126a%0d%0a646e78a5be8 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/8126a%0d%0a646e78a5be8/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/8126a
646e78a5be8/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1639. https://fastdial.net/static/styles/common/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 53cd5%0d%0ac4aef47a3fd was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/common/53cd5%0d%0ac4aef47a3fd/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:13:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/common/53cd5
c4aef47a3fd/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1640. https://fastdial.net/static/styles/common/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload bf466%0d%0aac31843fb38 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/common/styles/bf466%0d%0aac31843fb38/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:13:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/common/styles/bf466
ac31843fb38/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1641. https://fastdial.net/static/styles/common/styles/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 758e6%0d%0aa6571c3141d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /758e6%0d%0aa6571c3141d/styles/common/styles/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:11:13 GMT
Server: Apache
Location: http://fastdial.net/758e6
a6571c3141d/styles/common/styles/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1642. https://fastdial.net/static/styles/common/styles/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload acfc5%0d%0a7a3bfaab274 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/acfc5%0d%0a7a3bfaab274/common/styles/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:11:28 GMT
Server: Apache
Location: http://fastdial.net/static/acfc5
7a3bfaab274/common/styles/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1643. https://fastdial.net/static/styles/common/styles/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ff51c%0d%0a37966056353 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ff51c%0d%0a37966056353/styles/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ff51c
37966056353/styles/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1644. https://fastdial.net/static/styles/common/styles/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2f52f%0d%0a4531513d1ef was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/2f52f%0d%0a4531513d1ef/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/2f52f
4531513d1ef/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1645. https://fastdial.net/static/styles/common/styles/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 7b01b%0d%0a3105d4278a9 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/7b01b%0d%0a3105d4278a9/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:12:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/7b01b
3105d4278a9/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1646. https://fastdial.net/static/styles/common/styles/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 943b5%0d%0ad1ce63468f9 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/943b5%0d%0ad1ce63468f9/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:13:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/943b5
d1ce63468f9/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1647. https://fastdial.net/static/styles/common/styles/styles/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 59a89%0d%0a57001aaef6e was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/common/59a89%0d%0a57001aaef6e/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:13:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/common/59a89
57001aaef6e/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1648. https://fastdial.net/static/styles/common/styles/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 11797%0d%0a93dbd8fb6f3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /11797%0d%0a93dbd8fb6f3/styles/common/styles/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:18:16 GMT
Server: Apache
Location: http://fastdial.net/11797
93dbd8fb6f3/styles/common/styles/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1649. https://fastdial.net/static/styles/common/styles/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload cc0c2%0d%0ab1f6ec8ac90 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/cc0c2%0d%0ab1f6ec8ac90/common/styles/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:18:34 GMT
Server: Apache
Location: http://fastdial.net/static/cc0c2
b1f6ec8ac90/common/styles/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1650. https://fastdial.net/static/styles/common/styles/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e91aa%0d%0a4b26fc53ff0 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/e91aa%0d%0a4b26fc53ff0/styles/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:18:49 GMT
Server: Apache
Location: http://fastdial.net/static/styles/e91aa
4b26fc53ff0/styles/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1651. https://fastdial.net/static/styles/common/styles/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload cd79b%0d%0a9a2f690432d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/cd79b%0d%0a9a2f690432d/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/cd79b
9a2f690432d/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1652. https://fastdial.net/static/styles/common/styles/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ff9f6%0d%0aae3d3566a25 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/ff9f6%0d%0aae3d3566a25/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/ff9f6
ae3d3566a25/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1653. https://fastdial.net/static/styles/common/styles/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 296ca%0d%0a47eadc8e007 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/296ca%0d%0a47eadc8e007/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/296ca
47eadc8e007/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1654. https://fastdial.net/static/styles/common/styles/styles/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload afe0c%0d%0a7568948ff98 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/images/afe0c%0d%0a7568948ff98/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:20:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/images/afe0c
7568948ff98/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1655. https://fastdial.net/static/styles/common/styles/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6edde%0d%0a41e6a76a5ff was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6edde%0d%0a41e6a76a5ff/styles/common/styles/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:18:22 GMT
Server: Apache
Location: http://fastdial.net/6edde
41e6a76a5ff/styles/common/styles/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1656. https://fastdial.net/static/styles/common/styles/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 68080%0d%0a05ca4cd9583 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/68080%0d%0a05ca4cd9583/common/styles/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:18:41 GMT
Server: Apache
Location: http://fastdial.net/static/68080
05ca4cd9583/common/styles/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1657. https://fastdial.net/static/styles/common/styles/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 53628%0d%0aedd4a7f4c8b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/53628%0d%0aedd4a7f4c8b/styles/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:18:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/53628
edd4a7f4c8b/styles/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1658. https://fastdial.net/static/styles/common/styles/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload de3d8%0d%0a1ef63a2ac9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/de3d8%0d%0a1ef63a2ac9/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/de3d8
1ef63a2ac9/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1659. https://fastdial.net/static/styles/common/styles/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e0047%0d%0a27a1f28c1ab was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/e0047%0d%0a27a1f28c1ab/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/e0047
27a1f28c1ab/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1660. https://fastdial.net/static/styles/common/styles/styles/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 42a57%0d%0afe6e7610634 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/42a57%0d%0afe6e7610634/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:19:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/42a57
fe6e7610634/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1661. https://fastdial.net/static/styles/common/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1e2d1%0d%0af892c08eb32 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1e2d1%0d%0af892c08eb32/styles/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:58:10 GMT
Server: Apache
Location: http://fastdial.net/1e2d1
f892c08eb32/styles/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1662. https://fastdial.net/static/styles/common/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 73a79%0d%0a220a3f6c975 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/73a79%0d%0a220a3f6c975/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:58:29 GMT
Server: Apache
Location: http://fastdial.net/static/73a79
220a3f6c975/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1663. https://fastdial.net/static/styles/common/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bc1ea%0d%0a946e38939d0 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/bc1ea%0d%0a946e38939d0/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:58:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/bc1ea
946e38939d0/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1664. https://fastdial.net/static/styles/common/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload df35d%0d%0ab99e3d21cd3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/df35d%0d%0ab99e3d21cd3/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:58:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/df35d
b99e3d21cd3/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1665. https://fastdial.net/static/styles/common/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 23600%0d%0a90688305727 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/23600%0d%0a90688305727/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 18:59:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/23600
90688305727/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1666. https://fastdial.net/static/styles/common/styles/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f83bb%0d%0a1c19278d51a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f83bb%0d%0a1c19278d51a/styles/common/styles/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:43 GMT
Server: Apache
Location: http://fastdial.net/f83bb
1c19278d51a/styles/common/styles/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1667. https://fastdial.net/static/styles/common/styles/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 127b6%0d%0aa16693c4c8a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/127b6%0d%0aa16693c4c8a/common/styles/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:55 GMT
Server: Apache
Location: http://fastdial.net/static/127b6
a16693c4c8a/common/styles/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1668. https://fastdial.net/static/styles/common/styles/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c8b5d%0d%0a4faa59a86e3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/c8b5d%0d%0a4faa59a86e3/styles/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:16:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/c8b5d
4faa59a86e3/styles/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1669. https://fastdial.net/static/styles/common/styles/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2697c%0d%0ae8c4e87e06d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/2697c%0d%0ae8c4e87e06d/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:16:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/2697c
e8c4e87e06d/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1670. https://fastdial.net/static/styles/common/styles/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload d3c0e%0d%0a904032fd49b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/d3c0e%0d%0a904032fd49b/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:17:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/d3c0e
904032fd49b/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1671. https://fastdial.net/static/styles/common/styles/styles/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a08b8%0d%0a286db4034ea was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/a08b8%0d%0a286db4034ea/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:17:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/a08b8
286db4034ea/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1672. https://fastdial.net/static/styles/common/styles/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload bd510%0d%0ac088ce91698 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /bd510%0d%0ac088ce91698/styles/common/styles/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:02 GMT
Server: Apache
Location: http://fastdial.net/bd510
c088ce91698/styles/common/styles/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1673. https://fastdial.net/static/styles/common/styles/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 10621%0d%0a1fbddb774a6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/10621%0d%0a1fbddb774a6/common/styles/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:17 GMT
Server: Apache
Location: http://fastdial.net/static/10621
1fbddb774a6/common/styles/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1674. https://fastdial.net/static/styles/common/styles/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 3f116%0d%0a54afe324f03 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/3f116%0d%0a54afe324f03/styles/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/3f116
54afe324f03/styles/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1675. https://fastdial.net/static/styles/common/styles/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload eabaa%0d%0af54b1a213ef was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/eabaa%0d%0af54b1a213ef/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/eabaa
f54b1a213ef/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1676. https://fastdial.net/static/styles/common/styles/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1ac33%0d%0ae1767551ba0 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/1ac33%0d%0ae1767551ba0/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/1ac33
e1767551ba0/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1677. https://fastdial.net/static/styles/common/styles/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 605ea%0d%0a1f505eca248 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/605ea%0d%0a1f505eca248/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:16:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/605ea
1f505eca248/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1678. https://fastdial.net/static/styles/common/styles/styles/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload bfbb0%0d%0a11f48ed78ec was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/styles/bfbb0%0d%0a11f48ed78ec/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:16:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/styles/bfbb0
11f48ed78ec/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1679. https://fastdial.net/static/styles/common/styles/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b2505%0d%0a50314653da2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b2505%0d%0a50314653da2/styles/common/styles/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:14:58 GMT
Server: Apache
Location: http://fastdial.net/b2505
50314653da2/styles/common/styles/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1680. https://fastdial.net/static/styles/common/styles/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 196dd%0d%0ae15179d7ebc was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/196dd%0d%0ae15179d7ebc/common/styles/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:16 GMT
Server: Apache
Location: http://fastdial.net/static/196dd
e15179d7ebc/common/styles/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1681. https://fastdial.net/static/styles/common/styles/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b645c%0d%0a3341a8a0d88 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b645c%0d%0a3341a8a0d88/styles/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b645c
3341a8a0d88/styles/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1682. https://fastdial.net/static/styles/common/styles/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c7838%0d%0aed1b97fbbe5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/c7838%0d%0aed1b97fbbe5/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:15:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/c7838
ed1b97fbbe5/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1683. https://fastdial.net/static/styles/common/styles/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 9a14b%0d%0aaffaa46eae8 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/9a14b%0d%0aaffaa46eae8/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:16:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/9a14b
affaa46eae8/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1684. https://fastdial.net/static/styles/common/styles/styles/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/common/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 896b5%0d%0adb4d12d39d1 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/common/styles/styles/896b5%0d%0adb4d12d39d1/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 20:16:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/common/styles/styles/896b5
db4d12d39d1/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1685. https://fastdial.net/static/styles/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c5b74%0d%0a26bdc91cae0 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c5b74%0d%0a26bdc91cae0/styles/images/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:40:55 GMT
Server: Apache
Location: http://fastdial.net/c5b74
26bdc91cae0/styles/images/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1686. https://fastdial.net/static/styles/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 24822%0d%0a752d18913e8 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/24822%0d%0a752d18913e8/images/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:09 GMT
Server: Apache
Location: http://fastdial.net/static/24822
752d18913e8/images/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1687. https://fastdial.net/static/styles/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 59777%0d%0a6a418016dfe was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/59777%0d%0a6a418016dfe/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/59777
6a418016dfe/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1688. https://fastdial.net/static/styles/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8845c%0d%0a0875f4f276 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/8845c%0d%0a0875f4f276/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/8845c
0875f4f276/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1689. https://fastdial.net/static/styles/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3e6ea%0d%0abbe65fa8edd was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/3e6ea%0d%0abbe65fa8edd/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/3e6ea
bbe65fa8edd/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1690. https://fastdial.net/static/styles/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 9d050%0d%0a0b3c902e476 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/9d050%0d%0a0b3c902e476/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:42:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/9d050
0b3c902e476/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1691. https://fastdial.net/static/styles/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 5d572%0d%0a9d59833a17e was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/common/5d572%0d%0a9d59833a17e/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:42:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/common/5d572
9d59833a17e/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1692. https://fastdial.net/static/styles/images/common/images/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 28884%0d%0a997580e232a was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/common/images/28884%0d%0a997580e232a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:42:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/common/images/28884
997580e232a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1693. https://fastdial.net/static/styles/images/common/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload cc01d%0d%0a202b84362d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /cc01d%0d%0a202b84362d/styles/images/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:18 GMT
Server: Apache
Location: http://fastdial.net/cc01d
202b84362d/styles/images/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1694. https://fastdial.net/static/styles/images/common/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 9fe48%0d%0a6c40ac1e53e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/9fe48%0d%0a6c40ac1e53e/images/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:34 GMT
Server: Apache
Location: http://fastdial.net/static/9fe48
6c40ac1e53e/images/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1695. https://fastdial.net/static/styles/images/common/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1659c%0d%0a046922949d2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1659c%0d%0a046922949d2/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1659c
046922949d2/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1696. https://fastdial.net/static/styles/images/common/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1edf5%0d%0ac6c5ae3ae89 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/1edf5%0d%0ac6c5ae3ae89/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:42:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/1edf5
c6c5ae3ae89/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1697. https://fastdial.net/static/styles/images/common/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e9f46%0d%0aeb3c660fdde was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/e9f46%0d%0aeb3c660fdde/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:42:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/e9f46
eb3c660fdde/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1698. https://fastdial.net/static/styles/images/common/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload f1b8e%0d%0aeb74157352a was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/f1b8e%0d%0aeb74157352a/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:43:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/f1b8e
eb74157352a/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1699. https://fastdial.net/static/styles/images/common/images/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload e94a3%0d%0af6db10ae6f3 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/common/e94a3%0d%0af6db10ae6f3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:43:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/common/e94a3
f6db10ae6f3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1700. https://fastdial.net/static/styles/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ae27e%0d%0aac682742c5f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ae27e%0d%0aac682742c5f/styles/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:32 GMT
Server: Apache
Location: http://fastdial.net/ae27e
ac682742c5f/styles/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1701. https://fastdial.net/static/styles/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 94020%0d%0a8368a2341 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/94020%0d%0a8368a2341/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:48 GMT
Server: Apache
Location: http://fastdial.net/static/94020
8368a2341/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1702. https://fastdial.net/static/styles/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 28d17%0d%0ab316c0e4c68 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/28d17%0d%0ab316c0e4c68/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/28d17
b316c0e4c68/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1703. https://fastdial.net/static/styles/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 68ad3%0d%0a1aa53696a21 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/68ad3%0d%0a1aa53696a21/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/68ad3
1aa53696a21/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1704. https://fastdial.net/static/styles/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4ca17%0d%0a783ecc2682d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/4ca17%0d%0a783ecc2682d/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/4ca17
783ecc2682d/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1705. https://fastdial.net/static/styles/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 44da9%0d%0a6fed13ba7ea was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/44da9%0d%0a6fed13ba7ea/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/44da9
6fed13ba7ea/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1706. https://fastdial.net/static/styles/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fe74e%0d%0ac8bd592311d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fe74e%0d%0ac8bd592311d/styles/images/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:40:11 GMT
Server: Apache
Location: http://fastdial.net/fe74e
c8bd592311d/styles/images/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1707. https://fastdial.net/static/styles/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a883a%0d%0a8368781243b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a883a%0d%0a8368781243b/images/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:40:42 GMT
Server: Apache
Location: http://fastdial.net/static/a883a
8368781243b/images/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1708. https://fastdial.net/static/styles/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 39d63%0d%0a348603350 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/39d63%0d%0a348603350/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:40:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/39d63
348603350/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1709. https://fastdial.net/static/styles/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f1a62%0d%0a255fe8555f6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/f1a62%0d%0a255fe8555f6/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/f1a62
255fe8555f6/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1710. https://fastdial.net/static/styles/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c1c2a%0d%0a54f74f99cca was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/c1c2a%0d%0a54f74f99cca/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/c1c2a
54f74f99cca/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1711. https://fastdial.net/static/styles/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload fd191%0d%0affc7e2c3eb9 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/fd191%0d%0affc7e2c3eb9/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:49 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/fd191
ffc7e2c3eb9/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1712. https://fastdial.net/static/styles/images/common/images/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 5c7ca%0d%0af22dd2ab1f6 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/common/5c7ca%0d%0af22dd2ab1f6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:42:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/common/5c7ca
f22dd2ab1f6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1713. https://fastdial.net/static/styles/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 41f88%0d%0a3baed6fe739 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /41f88%0d%0a3baed6fe739/styles/images/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:54 GMT
Server: Apache
Location: http://fastdial.net/41f88
3baed6fe739/styles/images/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1714. https://fastdial.net/static/styles/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4f87b%0d%0af723e4e0553 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4f87b%0d%0af723e4e0553/images/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:39:12 GMT
Server: Apache
Location: http://fastdial.net/static/4f87b
f723e4e0553/images/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1715. https://fastdial.net/static/styles/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 60a06%0d%0a0b82315c5c8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/60a06%0d%0a0b82315c5c8/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:39:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/60a06
0b82315c5c8/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1716. https://fastdial.net/static/styles/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload aa761%0d%0a3584262035d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/aa761%0d%0a3584262035d/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:39:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/aa761
3584262035d/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1717. https://fastdial.net/static/styles/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 74d7c%0d%0ac953ee93b3c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/74d7c%0d%0ac953ee93b3c/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:39:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/74d7c
c953ee93b3c/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1718. https://fastdial.net/static/styles/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7d7c8%0d%0a80659e74bdb was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/7d7c8%0d%0a80659e74bdb/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:40:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/7d7c8
80659e74bdb/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1719. https://fastdial.net/static/styles/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 8d7a2%0d%0aa8866820c0a was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/common/8d7a2%0d%0aa8866820c0a/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:40:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/common/8d7a2
a8866820c0a/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1720. https://fastdial.net/static/styles/images/common/images/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 28f05%0d%0a78f79aaea52 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/common/styles/28f05%0d%0a78f79aaea52/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:40:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/common/styles/28f05
78f79aaea52/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1721. https://fastdial.net/static/styles/images/common/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b95d4%0d%0a8ccd2ba2f0a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b95d4%0d%0a8ccd2ba2f0a/styles/images/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:39:36 GMT
Server: Apache
Location: http://fastdial.net/b95d4
8ccd2ba2f0a/styles/images/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1722. https://fastdial.net/static/styles/images/common/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ce5fb%0d%0a9e1a0a123db was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ce5fb%0d%0a9e1a0a123db/images/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:39:48 GMT
Server: Apache
Location: http://fastdial.net/static/ce5fb
9e1a0a123db/images/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1723. https://fastdial.net/static/styles/images/common/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 32f0d%0d%0a9f67b2e25f3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/32f0d%0d%0a9f67b2e25f3/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:40:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/32f0d
9f67b2e25f3/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1724. https://fastdial.net/static/styles/images/common/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 93540%0d%0a47fa36034a0 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/93540%0d%0a47fa36034a0/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:40:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/93540
47fa36034a0/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1725. https://fastdial.net/static/styles/images/common/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6e7d6%0d%0a84fad8ff4f9 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/6e7d6%0d%0a84fad8ff4f9/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:40:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/6e7d6
84fad8ff4f9/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1726. https://fastdial.net/static/styles/images/common/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload ceaad%0d%0ae164f5f594c was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/ceaad%0d%0ae164f5f594c/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/ceaad
e164f5f594c/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1727. https://fastdial.net/static/styles/images/common/images/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 7f940%0d%0a0220da803e6 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/common/7f940%0d%0a0220da803e6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:41:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/common/7f940
0220da803e6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1728. https://fastdial.net/static/styles/images/common/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload de0c8%0d%0ab6b4669212d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /de0c8%0d%0ab6b4669212d/styles/images/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:44:50 GMT
Server: Apache
Location: http://fastdial.net/de0c8
b6b4669212d/styles/images/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1729. https://fastdial.net/static/styles/images/common/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7bc43%0d%0ad1bbb049cc8 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7bc43%0d%0ad1bbb049cc8/images/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:03 GMT
Server: Apache
Location: http://fastdial.net/static/7bc43
d1bbb049cc8/images/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1730. https://fastdial.net/static/styles/images/common/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f02ad%0d%0ab9699f83c2b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f02ad%0d%0ab9699f83c2b/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f02ad
b9699f83c2b/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1731. https://fastdial.net/static/styles/images/common/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 814e3%0d%0a56500c4ba60 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/814e3%0d%0a56500c4ba60/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/814e3
56500c4ba60/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1732. https://fastdial.net/static/styles/images/common/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b2e14%0d%0af757e7b78d3 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/b2e14%0d%0af757e7b78d3/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/b2e14
f757e7b78d3/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1733. https://fastdial.net/static/styles/images/common/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 423e9%0d%0ad0d47a23da5 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/423e9%0d%0ad0d47a23da5/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:46:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/423e9
d0d47a23da5/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1734. https://fastdial.net/static/styles/images/common/images/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload fdb7f%0d%0ac044efb5e75 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/images/fdb7f%0d%0ac044efb5e75/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:46:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/images/fdb7f
c044efb5e75/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1735. https://fastdial.net/static/styles/images/common/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5f729%0d%0a9eb680524ea was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5f729%0d%0a9eb680524ea/styles/images/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:07 GMT
Server: Apache
Location: http://fastdial.net/5f729
9eb680524ea/styles/images/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1736. https://fastdial.net/static/styles/images/common/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a4fa5%0d%0ab1d5ed4cea7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a4fa5%0d%0ab1d5ed4cea7/images/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:27 GMT
Server: Apache
Location: http://fastdial.net/static/a4fa5
b1d5ed4cea7/images/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1737. https://fastdial.net/static/styles/images/common/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bb0b2%0d%0aa1eb87e04a6 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/bb0b2%0d%0aa1eb87e04a6/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/bb0b2
a1eb87e04a6/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1738. https://fastdial.net/static/styles/images/common/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 54060%0d%0ab81558eacef was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/54060%0d%0ab81558eacef/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/54060
b81558eacef/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1739. https://fastdial.net/static/styles/images/common/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 53873%0d%0a9ee07cc721d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/53873%0d%0a9ee07cc721d/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:46:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/53873
9ee07cc721d/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1740. https://fastdial.net/static/styles/images/common/images/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 54d99%0d%0a2ca6832252f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/54d99%0d%0a2ca6832252f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:46:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/54d99
2ca6832252f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1741. https://fastdial.net/static/styles/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 76248%0d%0acd152f709dc was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /76248%0d%0acd152f709dc/styles/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:42 GMT
Server: Apache
Location: http://fastdial.net/76248
cd152f709dc/styles/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1742. https://fastdial.net/static/styles/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1d443%0d%0afc74a8f48ec was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1d443%0d%0afc74a8f48ec/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:56 GMT
Server: Apache
Location: http://fastdial.net/static/1d443
fc74a8f48ec/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1743. https://fastdial.net/static/styles/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5bfec%0d%0a23ee84b77bb was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5bfec%0d%0a23ee84b77bb/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5bfec
23ee84b77bb/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1744. https://fastdial.net/static/styles/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7de0e%0d%0a002f0772b28 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/7de0e%0d%0a002f0772b28/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/7de0e
002f0772b28/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1745. https://fastdial.net/static/styles/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 59d1a%0d%0a356a06684cf was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/59d1a%0d%0a356a06684cf/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/59d1a
356a06684cf/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1746. https://fastdial.net/static/styles/images/common/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 91136%0d%0ab10dbf29f76 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /91136%0d%0ab10dbf29f76/styles/images/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:44:15 GMT
Server: Apache
Location: http://fastdial.net/91136
b10dbf29f76/styles/images/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1747. https://fastdial.net/static/styles/images/common/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5b818%0d%0a16a2795546d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5b818%0d%0a16a2795546d/images/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:44:26 GMT
Server: Apache
Location: http://fastdial.net/static/5b818
16a2795546d/images/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1748. https://fastdial.net/static/styles/images/common/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1b424%0d%0ac3522eb570 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1b424%0d%0ac3522eb570/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:44:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1b424
c3522eb570/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1749. https://fastdial.net/static/styles/images/common/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9c6ec%0d%0a29a5cb1c0a0 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/9c6ec%0d%0a29a5cb1c0a0/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/9c6ec
29a5cb1c0a0/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1750. https://fastdial.net/static/styles/images/common/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload fe4d1%0d%0a8b7c270aa38 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/fe4d1%0d%0a8b7c270aa38/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/fe4d1
8b7c270aa38/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1751. https://fastdial.net/static/styles/images/common/images/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 9ddde%0d%0a3bdbd9fd2f5 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/9ddde%0d%0a3bdbd9fd2f5/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/9ddde
3bdbd9fd2f5/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1752. https://fastdial.net/static/styles/images/common/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e286d%0d%0a3e150ab660 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e286d%0d%0a3e150ab660/styles/images/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:42:16 GMT
Server: Apache
Location: http://fastdial.net/e286d
3e150ab660/styles/images/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1753. https://fastdial.net/static/styles/images/common/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4e26f%0d%0aebb7948d4df was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4e26f%0d%0aebb7948d4df/images/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:42:36 GMT
Server: Apache
Location: http://fastdial.net/static/4e26f
ebb7948d4df/images/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1754. https://fastdial.net/static/styles/images/common/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5f641%0d%0a5371082bd8a was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5f641%0d%0a5371082bd8a/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:42:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5f641
5371082bd8a/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1755. https://fastdial.net/static/styles/images/common/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a6019%0d%0a0a36d8772a3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/a6019%0d%0a0a36d8772a3/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:43:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/a6019
0a36d8772a3/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1756. https://fastdial.net/static/styles/images/common/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a192a%0d%0a3801f213d13 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/a192a%0d%0a3801f213d13/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:43:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/a192a
3801f213d13/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1757. https://fastdial.net/static/styles/images/common/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload f3a22%0d%0a7329ba2a7d was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/f3a22%0d%0a7329ba2a7d/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:43:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/f3a22
7329ba2a7d/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1758. https://fastdial.net/static/styles/images/common/images/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 65bf5%0d%0a9f8e7481fb9 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/styles/65bf5%0d%0a9f8e7481fb9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:43:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/styles/65bf5
9f8e7481fb9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1759. https://fastdial.net/static/styles/images/common/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 84a99%0d%0a80b161d317f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /84a99%0d%0a80b161d317f/styles/images/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:42:30 GMT
Server: Apache
Location: http://fastdial.net/84a99
80b161d317f/styles/images/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1760. https://fastdial.net/static/styles/images/common/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 56525%0d%0aeb1950e53e9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/56525%0d%0aeb1950e53e9/images/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:42:56 GMT
Server: Apache
Location: http://fastdial.net/static/56525
eb1950e53e9/images/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1761. https://fastdial.net/static/styles/images/common/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f35bc%0d%0a5298b60741e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f35bc%0d%0a5298b60741e/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:43:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f35bc
5298b60741e/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1762. https://fastdial.net/static/styles/images/common/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6f2b4%0d%0a91eb93f5f8c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/6f2b4%0d%0a91eb93f5f8c/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:43:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/6f2b4
91eb93f5f8c/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1763. https://fastdial.net/static/styles/images/common/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 963f3%0d%0a94b3f088314 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/963f3%0d%0a94b3f088314/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:43:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/963f3
94b3f088314/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1764. https://fastdial.net/static/styles/images/common/images/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 653d7%0d%0ae5641b5d9da was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/images/653d7%0d%0ae5641b5d9da/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:44:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/images/653d7
e5641b5d9da/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1765. https://fastdial.net/static/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 93fd3%0d%0af953f85887f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /93fd3%0d%0af953f85887f/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:06 GMT
Server: Apache
Location: http://fastdial.net/93fd3
f953f85887f/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1766. https://fastdial.net/static/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6c451%0d%0abb8769b0b0 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6c451%0d%0abb8769b0b0/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:20 GMT
Server: Apache
Location: http://fastdial.net/static/6c451
bb8769b0b0/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1767. https://fastdial.net/static/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 6ca2d%0d%0afe8d84bea9d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/6ca2d%0d%0afe8d84bea9d/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/6ca2d
fe8d84bea9d/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1768. https://fastdial.net/static/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 19d90%0d%0a5306f4c36d6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/19d90%0d%0a5306f4c36d6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/19d90
5306f4c36d6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1769. https://fastdial.net/static/styles/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fb4f8%0d%0ac9a31c0f036 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fb4f8%0d%0ac9a31c0f036/styles/images/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:37:38 GMT
Server: Apache
Location: http://fastdial.net/fb4f8
c9a31c0f036/styles/images/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1770. https://fastdial.net/static/styles/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a143e%0d%0a358a95e059c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a143e%0d%0a358a95e059c/images/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:37:53 GMT
Server: Apache
Location: http://fastdial.net/static/a143e
358a95e059c/images/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1771. https://fastdial.net/static/styles/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9dcd3%0d%0abdbb5311f04 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/9dcd3%0d%0abdbb5311f04/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/9dcd3
bdbb5311f04/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1772. https://fastdial.net/static/styles/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 35a16%0d%0aea95cb8f852 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/35a16%0d%0aea95cb8f852/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/35a16
ea95cb8f852/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1773. https://fastdial.net/static/styles/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 42831%0d%0a8ad32da78cd was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/42831%0d%0a8ad32da78cd/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/42831
8ad32da78cd/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1774. https://fastdial.net/static/styles/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 58e03%0d%0a881b54c75a8 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/scripts/58e03%0d%0a881b54c75a8/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/scripts/58e03
881b54c75a8/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1775. https://fastdial.net/static/styles/images/common/scripts/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 2cd46%0d%0abf81e826fd was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/scripts/images/2cd46%0d%0abf81e826fd/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:39:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/scripts/images/2cd46
bf81e826fd/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1776. https://fastdial.net/static/styles/images/common/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload bb8c4%0d%0ac8c9aaf777b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /bb8c4%0d%0ac8c9aaf777b/styles/images/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:04 GMT
Server: Apache
Location: http://fastdial.net/bb8c4
c8c9aaf777b/styles/images/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1777. https://fastdial.net/static/styles/images/common/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 869c6%0d%0ab7d0c1fd74d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/869c6%0d%0ab7d0c1fd74d/images/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:19 GMT
Server: Apache
Location: http://fastdial.net/static/869c6
b7d0c1fd74d/images/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1778. https://fastdial.net/static/styles/images/common/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1058e%0d%0a459f48447b5 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1058e%0d%0a459f48447b5/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1058e
459f48447b5/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1779. https://fastdial.net/static/styles/images/common/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 896fd%0d%0aab16eb2cd37 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/896fd%0d%0aab16eb2cd37/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/896fd
ab16eb2cd37/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1780. https://fastdial.net/static/styles/images/common/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 15bc5%0d%0aa3263dcd421 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/15bc5%0d%0aa3263dcd421/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:39:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/15bc5
a3263dcd421/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1781. https://fastdial.net/static/styles/images/common/scripts/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 88be5%0d%0af94ac6be371 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/scripts/88be5%0d%0af94ac6be371/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:39:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/scripts/88be5
f94ac6be371/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1782. https://fastdial.net/static/styles/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 12587%0d%0a2b24ccbf17f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /12587%0d%0a2b24ccbf17f/styles/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:37:59 GMT
Server: Apache
Location: http://fastdial.net/12587
2b24ccbf17f/styles/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1783. https://fastdial.net/static/styles/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c0d2e%0d%0a4ae98fdcb6d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c0d2e%0d%0a4ae98fdcb6d/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:16 GMT
Server: Apache
Location: http://fastdial.net/static/c0d2e
4ae98fdcb6d/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1784. https://fastdial.net/static/styles/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 3681b%0d%0a21e488ec563 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/3681b%0d%0a21e488ec563/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/3681b
21e488ec563/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1785. https://fastdial.net/static/styles/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1d8f6%0d%0a9d684eb53f3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/1d8f6%0d%0a9d684eb53f3/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:38:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/1d8f6
9d684eb53f3/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1786. https://fastdial.net/static/styles/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f37b1%0d%0a825e0fd091e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/f37b1%0d%0a825e0fd091e/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/f37b1
825e0fd091e/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1787. https://fastdial.net/static/styles/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f4ed4%0d%0a7892d29186b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f4ed4%0d%0a7892d29186b/styles/images/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:37:24 GMT
Server: Apache
Location: http://fastdial.net/f4ed4
7892d29186b/styles/images/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1788. https://fastdial.net/static/styles/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8393a%0d%0aef819ddd950 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8393a%0d%0aef819ddd950/images/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:37:37 GMT
Server: Apache
Location: http://fastdial.net/static/8393a
ef819ddd950/images/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1789. https://fastdial.net/static/styles/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 65f4a%0d%0a951b31c2976 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/65f4a%0d%0a951b31c2976/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:37:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/65f4a
951b31c2976/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1790. https://fastdial.net/static/styles/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6381d%0d%0aadb3131f0b4 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/6381d%0d%0aadb3131f0b4/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/6381d
adb3131f0b4/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1791. https://fastdial.net/static/styles/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b8a47%0d%0aa2c3a692eb2 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/b8a47%0d%0aa2c3a692eb2/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/b8a47
a2c3a692eb2/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1792. https://fastdial.net/static/styles/images/common/scripts/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 70d6e%0d%0a8da576d88f6 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/scripts/70d6e%0d%0a8da576d88f6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:38:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/scripts/70d6e
8da576d88f6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1793. https://fastdial.net/static/styles/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 68adc%0d%0ac447790a68a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /68adc%0d%0ac447790a68a/styles/images/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:55 GMT
Server: Apache
Location: http://fastdial.net/68adc
c447790a68a/styles/images/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1794. https://fastdial.net/static/styles/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3f913%0d%0a8d6a9010a6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3f913%0d%0a8d6a9010a6/images/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:36:05 GMT
Server: Apache
Location: http://fastdial.net/static/3f913
8d6a9010a6/images/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1795. https://fastdial.net/static/styles/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e7210%0d%0a0647535320b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/e7210%0d%0a0647535320b/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:36:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/e7210
0647535320b/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1796. https://fastdial.net/static/styles/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b1adc%0d%0ae1b49c27d75 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/b1adc%0d%0ae1b49c27d75/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:36:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/b1adc
e1b49c27d75/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1797. https://fastdial.net/static/styles/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload dfc59%0d%0a759d2c303e6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/dfc59%0d%0a759d2c303e6/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:36:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/dfc59
759d2c303e6/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1798. https://fastdial.net/static/styles/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d6332%0d%0a0640ff129d0 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/scripts/d6332%0d%0a0640ff129d0/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:37:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/scripts/d6332
0640ff129d0/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1799. https://fastdial.net/static/styles/images/common/scripts/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload e2f02%0d%0a72514e1ec52 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/scripts/styles/e2f02%0d%0a72514e1ec52/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:37:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/scripts/styles/e2f02
72514e1ec52/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1800. https://fastdial.net/static/styles/images/common/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f941a%0d%0afa99debfc38 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f941a%0d%0afa99debfc38/styles/images/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:36:19 GMT
Server: Apache
Location: http://fastdial.net/f941a
fa99debfc38/styles/images/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1801. https://fastdial.net/static/styles/images/common/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ffa06%0d%0a986d9d5ac92 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ffa06%0d%0a986d9d5ac92/images/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:36:31 GMT
Server: Apache
Location: http://fastdial.net/static/ffa06
986d9d5ac92/images/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1802. https://fastdial.net/static/styles/images/common/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ac436%0d%0aeaad98ef1b0 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ac436%0d%0aeaad98ef1b0/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:36:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ac436
eaad98ef1b0/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1803. https://fastdial.net/static/styles/images/common/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 87da8%0d%0a37b471ad68 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/87da8%0d%0a37b471ad68/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:36:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/87da8
37b471ad68/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1804. https://fastdial.net/static/styles/images/common/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 35473%0d%0a91a720bc167 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/35473%0d%0a91a720bc167/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:37:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/35473
91a720bc167/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1805. https://fastdial.net/static/styles/images/common/scripts/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 41b4e%0d%0a4622d508ec6 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/scripts/41b4e%0d%0a4622d508ec6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:37:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/scripts/41b4e
4622d508ec6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1806. https://fastdial.net/static/styles/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 27c2c%0d%0a889edcc3d60 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /27c2c%0d%0a889edcc3d60/styles/images/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:30:14 GMT
Server: Apache
Location: http://fastdial.net/27c2c
889edcc3d60/styles/images/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1807. https://fastdial.net/static/styles/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6ae62%0d%0a87914da6ee2 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6ae62%0d%0a87914da6ee2/images/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:30:25 GMT
Server: Apache
Location: http://fastdial.net/static/6ae62
87914da6ee2/images/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1808. https://fastdial.net/static/styles/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9e77e%0d%0a19735f3e958 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/9e77e%0d%0a19735f3e958/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:30:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/9e77e
19735f3e958/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1809. https://fastdial.net/static/styles/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 72bbb%0d%0a92aa5896ba6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/72bbb%0d%0a92aa5896ba6/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:30:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/72bbb
92aa5896ba6/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1810. https://fastdial.net/static/styles/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload da86e%0d%0a85317d6808b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/da86e%0d%0a85317d6808b/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:31:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/da86e
85317d6808b/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1811. https://fastdial.net/static/styles/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload ab9f0%0d%0a13f0611858d was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/ab9f0%0d%0a13f0611858d/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:31:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/ab9f0
13f0611858d/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1812. https://fastdial.net/static/styles/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d8ddf%0d%0a8bf3e791c1c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/common/d8ddf%0d%0a8bf3e791c1c/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:31:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/common/d8ddf
8bf3e791c1c/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1813. https://fastdial.net/static/styles/images/common/styles/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload a41c2%0d%0a30e3d9e69ce was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/common/images/a41c2%0d%0a30e3d9e69ce/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:31:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/common/images/a41c2
30e3d9e69ce/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1814. https://fastdial.net/static/styles/images/common/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b6015%0d%0aa26eea0d58a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b6015%0d%0aa26eea0d58a/styles/images/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:31:32 GMT
Server: Apache
Location: http://fastdial.net/b6015
a26eea0d58a/styles/images/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1815. https://fastdial.net/static/styles/images/common/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2669c%0d%0a16c5bd3675e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2669c%0d%0a16c5bd3675e/images/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:31:49 GMT
Server: Apache
Location: http://fastdial.net/static/2669c
16c5bd3675e/images/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1816. https://fastdial.net/static/styles/images/common/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 2d7be%0d%0aa743aa1880c was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/2d7be%0d%0aa743aa1880c/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:32:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/2d7be
a743aa1880c/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1817. https://fastdial.net/static/styles/images/common/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 826ce%0d%0a7e0bd970b3e was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/826ce%0d%0a7e0bd970b3e/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:32:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/826ce
7e0bd970b3e/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1818. https://fastdial.net/static/styles/images/common/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 11b50%0d%0a506b7da4cad was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/11b50%0d%0a506b7da4cad/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:32:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/11b50
506b7da4cad/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1819. https://fastdial.net/static/styles/images/common/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 5a482%0d%0a7a86b198128 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/5a482%0d%0a7a86b198128/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:33:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/5a482
7a86b198128/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1820. https://fastdial.net/static/styles/images/common/styles/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 2ebac%0d%0a167789ae37c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/common/2ebac%0d%0a167789ae37c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:33:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/common/2ebac
167789ae37c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1821. https://fastdial.net/static/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a5961%0d%0a3344fa123aa was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a5961%0d%0a3344fa123aa/styles/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:44 GMT
Server: Apache
Location: http://fastdial.net/a5961
3344fa123aa/styles/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1822. https://fastdial.net/static/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c6a86%0d%0a1ceedb106c7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c6a86%0d%0a1ceedb106c7/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:57 GMT
Server: Apache
Location: http://fastdial.net/static/c6a86
1ceedb106c7/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1823. https://fastdial.net/static/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 47af8%0d%0ab1001759f9f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/47af8%0d%0ab1001759f9f/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:36:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/47af8
b1001759f9f/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1824. https://fastdial.net/static/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f56b9%0d%0a5b5eaae8b50 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/f56b9%0d%0a5b5eaae8b50/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:36:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/f56b9
5b5eaae8b50/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1825. https://fastdial.net/static/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 80cfd%0d%0adb10192b09 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/80cfd%0d%0adb10192b09/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:36:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/80cfd
db10192b09/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1826. https://fastdial.net/static/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 34356%0d%0a856b8b6fd77 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/34356%0d%0a856b8b6fd77/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:36:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/34356
856b8b6fd77/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1827. https://fastdial.net/static/styles/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 66887%0d%0a6516c1b7cf2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /66887%0d%0a6516c1b7cf2/styles/images/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:29:59 GMT
Server: Apache
Location: http://fastdial.net/66887
6516c1b7cf2/styles/images/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1828. https://fastdial.net/static/styles/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2a720%0d%0ad7721a25398 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2a720%0d%0ad7721a25398/images/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:30:13 GMT
Server: Apache
Location: http://fastdial.net/static/2a720
d7721a25398/images/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1829. https://fastdial.net/static/styles/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e4a8e%0d%0a4a6222ee64d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/e4a8e%0d%0a4a6222ee64d/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:30:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/e4a8e
4a6222ee64d/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1830. https://fastdial.net/static/styles/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 45525%0d%0a14e7c3097a0 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/45525%0d%0a14e7c3097a0/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:30:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/45525
14e7c3097a0/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1831. https://fastdial.net/static/styles/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1effc%0d%0ad8f177cad9c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/1effc%0d%0ad8f177cad9c/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:30:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/1effc
d8f177cad9c/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1832. https://fastdial.net/static/styles/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload ba3e2%0d%0a6dbdf12eeae was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/ba3e2%0d%0a6dbdf12eeae/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:31:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/ba3e2
6dbdf12eeae/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1833. https://fastdial.net/static/styles/images/common/styles/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 98a86%0d%0acec2dad19ad was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/common/98a86%0d%0acec2dad19ad/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:31:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/common/98a86
cec2dad19ad/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1834. https://fastdial.net/static/styles/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload da395%0d%0af3aedccf43c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /da395%0d%0af3aedccf43c/styles/images/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:27:51 GMT
Server: Apache
Location: http://fastdial.net/da395
f3aedccf43c/styles/images/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1835. https://fastdial.net/static/styles/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a7002%0d%0a478ed0e0a20 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a7002%0d%0a478ed0e0a20/images/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:28:17 GMT
Server: Apache
Location: http://fastdial.net/static/a7002
478ed0e0a20/images/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1836. https://fastdial.net/static/styles/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 23469%0d%0a6d54709168 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/23469%0d%0a6d54709168/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:28:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/23469
6d54709168/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1837. https://fastdial.net/static/styles/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 74a6b%0d%0af645b387f8 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/74a6b%0d%0af645b387f8/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:28:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/74a6b
f645b387f8/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1838. https://fastdial.net/static/styles/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ee660%0d%0abcbaf8068a1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/ee660%0d%0abcbaf8068a1/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:29:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/ee660
bcbaf8068a1/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1839. https://fastdial.net/static/styles/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload d479e%0d%0a4f3c3cb237a was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/d479e%0d%0a4f3c3cb237a/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:29:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/d479e
4f3c3cb237a/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1840. https://fastdial.net/static/styles/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 68b27%0d%0a59c24b749f0 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/common/68b27%0d%0a59c24b749f0/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:29:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/common/68b27
59c24b749f0/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1841. https://fastdial.net/static/styles/images/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload d086c%0d%0aeb45ddf0564 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/common/styles/d086c%0d%0aeb45ddf0564/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:30:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/common/styles/d086c
eb45ddf0564/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1842. https://fastdial.net/static/styles/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 37f8f%0d%0a7893f841e6c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /37f8f%0d%0a7893f841e6c/styles/images/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:27:45 GMT
Server: Apache
Location: http://fastdial.net/37f8f
7893f841e6c/styles/images/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1843. https://fastdial.net/static/styles/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ceb18%0d%0a3b061f8ff86 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ceb18%0d%0a3b061f8ff86/images/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:28:27 GMT
Server: Apache
Location: http://fastdial.net/static/ceb18
3b061f8ff86/images/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1844. https://fastdial.net/static/styles/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1105c%0d%0a2e61bcd8d22 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1105c%0d%0a2e61bcd8d22/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:28:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1105c
2e61bcd8d22/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1845. https://fastdial.net/static/styles/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload fb7ee%0d%0ac39051a7b7c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/fb7ee%0d%0ac39051a7b7c/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:29:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/fb7ee
c39051a7b7c/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1846. https://fastdial.net/static/styles/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4669c%0d%0a3986783be9f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/4669c%0d%0a3986783be9f/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:29:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/4669c
3986783be9f/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1847. https://fastdial.net/static/styles/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 53942%0d%0a0767d4143c was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/53942%0d%0a0767d4143c/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:29:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/53942
0767d4143c/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1848. https://fastdial.net/static/styles/images/common/styles/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload beeb7%0d%0a6f5ab0cf7e2 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/common/beeb7%0d%0a6f5ab0cf7e2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:30:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/common/beeb7
6f5ab0cf7e2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1849. https://fastdial.net/static/styles/images/common/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1a3f7%0d%0ae5d5280d2e0 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1a3f7%0d%0ae5d5280d2e0/styles/images/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:34:26 GMT
Server: Apache
Location: http://fastdial.net/1a3f7
e5d5280d2e0/styles/images/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1850. https://fastdial.net/static/styles/images/common/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 28927%0d%0af51374f6152 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/28927%0d%0af51374f6152/images/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:34:42 GMT
Server: Apache
Location: http://fastdial.net/static/28927
f51374f6152/images/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1851. https://fastdial.net/static/styles/images/common/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 35630%0d%0a3e9fec80ae3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/35630%0d%0a3e9fec80ae3/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:34:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/35630
3e9fec80ae3/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1852. https://fastdial.net/static/styles/images/common/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2583e%0d%0aa13681d70c2 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/2583e%0d%0aa13681d70c2/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/2583e
a13681d70c2/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1853. https://fastdial.net/static/styles/images/common/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 208cd%0d%0ad33aa9e1d99 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/208cd%0d%0ad33aa9e1d99/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/208cd
d33aa9e1d99/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1854. https://fastdial.net/static/styles/images/common/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 91c4c%0d%0a37e124e35b was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/91c4c%0d%0a37e124e35b/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/91c4c
37e124e35b/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1855. https://fastdial.net/static/styles/images/common/styles/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload c7786%0d%0afdc395afef6 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/images/c7786%0d%0afdc395afef6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/images/c7786
fdc395afef6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1856. https://fastdial.net/static/styles/images/common/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 38f62%0d%0a7eeaa8305 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /38f62%0d%0a7eeaa8305/styles/images/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:34:37 GMT
Server: Apache
Location: http://fastdial.net/38f62
7eeaa8305/styles/images/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1857. https://fastdial.net/static/styles/images/common/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b1642%0d%0adc5cbf53006 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b1642%0d%0adc5cbf53006/images/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:34:48 GMT
Server: Apache
Location: http://fastdial.net/static/b1642
dc5cbf53006/images/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1858. https://fastdial.net/static/styles/images/common/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ac5e2%0d%0a50b807e527b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ac5e2%0d%0a50b807e527b/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ac5e2
50b807e527b/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1859. https://fastdial.net/static/styles/images/common/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8eeba%0d%0a29d63065742 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/8eeba%0d%0a29d63065742/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/8eeba
29d63065742/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1860. https://fastdial.net/static/styles/images/common/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 120b0%0d%0afdd7e469ab8 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/120b0%0d%0afdd7e469ab8/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/120b0
fdd7e469ab8/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1861. https://fastdial.net/static/styles/images/common/styles/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 50ab8%0d%0a58a3ce29f3e was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/50ab8%0d%0a58a3ce29f3e/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/50ab8
58a3ce29f3e/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1862. https://fastdial.net/static/styles/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5a495%0d%0a3bf3abf7139 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5a495%0d%0a3bf3abf7139/styles/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:36:22 GMT
Server: Apache
Location: http://fastdial.net/5a495
3bf3abf7139/styles/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1863. https://fastdial.net/static/styles/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 15ba8%0d%0a97896bd7a5b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/15ba8%0d%0a97896bd7a5b/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:36:32 GMT
Server: Apache
Location: http://fastdial.net/static/15ba8
97896bd7a5b/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1864. https://fastdial.net/static/styles/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 87e98%0d%0acf56e1e88b5 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/87e98%0d%0acf56e1e88b5/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:36:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/87e98
cf56e1e88b5/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1865. https://fastdial.net/static/styles/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 88ef4%0d%0a76553ff56a3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/88ef4%0d%0a76553ff56a3/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:37:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/88ef4
76553ff56a3/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1866. https://fastdial.net/static/styles/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b9309%0d%0a8f0c20171a4 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/b9309%0d%0a8f0c20171a4/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:37:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/b9309
8f0c20171a4/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1867. https://fastdial.net/static/styles/images/common/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9bebc%0d%0ad49b7b96c52 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9bebc%0d%0ad49b7b96c52/styles/images/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:34:21 GMT
Server: Apache
Location: http://fastdial.net/9bebc
d49b7b96c52/styles/images/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1868. https://fastdial.net/static/styles/images/common/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 17f9d%0d%0a489e61e5ea0 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/17f9d%0d%0a489e61e5ea0/images/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:34:37 GMT
Server: Apache
Location: http://fastdial.net/static/17f9d
489e61e5ea0/images/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1869. https://fastdial.net/static/styles/images/common/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 653ae%0d%0a8f2e92303ef was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/653ae%0d%0a8f2e92303ef/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:34:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/653ae
8f2e92303ef/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1870. https://fastdial.net/static/styles/images/common/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e85d1%0d%0a4c7c83e9406 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/e85d1%0d%0a4c7c83e9406/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/e85d1
4c7c83e9406/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1871. https://fastdial.net/static/styles/images/common/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 9c024%0d%0a18ed7be01cf was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/9c024%0d%0a18ed7be01cf/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/9c024
18ed7be01cf/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1872. https://fastdial.net/static/styles/images/common/styles/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 9dc54%0d%0a10a785bd0f8 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/9dc54%0d%0a10a785bd0f8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:35:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/9dc54
10a785bd0f8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1873. https://fastdial.net/static/styles/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 4e231%0d%0a32a20d9313b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /4e231%0d%0a32a20d9313b/styles/images/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:32:16 GMT
Server: Apache
Location: http://fastdial.net/4e231
32a20d9313b/styles/images/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1874. https://fastdial.net/static/styles/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c1430%0d%0a8c11fb3315d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c1430%0d%0a8c11fb3315d/images/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:32:29 GMT
Server: Apache
Location: http://fastdial.net/static/c1430
8c11fb3315d/images/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1875. https://fastdial.net/static/styles/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 6f568%0d%0a0ba489419e1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/6f568%0d%0a0ba489419e1/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:32:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/6f568
0ba489419e1/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1876. https://fastdial.net/static/styles/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 87b06%0d%0a3b34abfaf62 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/87b06%0d%0a3b34abfaf62/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:33:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/87b06
3b34abfaf62/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1877. https://fastdial.net/static/styles/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 22fbb%0d%0a1e55a88b182 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/22fbb%0d%0a1e55a88b182/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:33:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/22fbb
1e55a88b182/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1878. https://fastdial.net/static/styles/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload e15dd%0d%0a1a193ea517b was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/e15dd%0d%0a1a193ea517b/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:33:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/e15dd
1a193ea517b/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1879. https://fastdial.net/static/styles/images/common/styles/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 6296a%0d%0abc15f94a131 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/styles/6296a%0d%0abc15f94a131/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:33:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/styles/6296a
bc15f94a131/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1880. https://fastdial.net/static/styles/images/common/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2b2ad%0d%0a569c63785e2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2b2ad%0d%0a569c63785e2/styles/images/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:33:31 GMT
Server: Apache
Location: http://fastdial.net/2b2ad
569c63785e2/styles/images/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1881. https://fastdial.net/static/styles/images/common/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e403a%0d%0a3cd49bc6893 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e403a%0d%0a3cd49bc6893/images/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:33:44 GMT
Server: Apache
Location: http://fastdial.net/static/e403a
3cd49bc6893/images/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1882. https://fastdial.net/static/styles/images/common/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a7866%0d%0a0d2407766c5 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a7866%0d%0a0d2407766c5/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:33:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a7866
0d2407766c5/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1883. https://fastdial.net/static/styles/images/common/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d7104%0d%0afe3fcd58f24 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/d7104%0d%0afe3fcd58f24/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:34:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/d7104
fe3fcd58f24/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1884. https://fastdial.net/static/styles/images/common/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload cbf5c%0d%0a15ad393314b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/cbf5c%0d%0a15ad393314b/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:34:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/cbf5c
15ad393314b/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1885. https://fastdial.net/static/styles/images/common/styles/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 8b87c%0d%0a32a7b55c47a was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/common/styles/8b87c%0d%0a32a7b55c47a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:34:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/common/styles/8b87c
32a7b55c47a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1886. https://fastdial.net/static/styles/images/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c6b88%0d%0a9a8c8074f48 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c6b88%0d%0a9a8c8074f48/styles/images/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:56:57 GMT
Server: Apache
Location: http://fastdial.net/c6b88
9a8c8074f48/styles/images/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1887. https://fastdial.net/static/styles/images/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8b9c6%0d%0acb0b7341c93 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8b9c6%0d%0acb0b7341c93/images/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:57:04 GMT
Server: Apache
Location: http://fastdial.net/static/8b9c6
cb0b7341c93/images/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1888. https://fastdial.net/static/styles/images/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 40e9c%0d%0a9b8bb0d36a3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/40e9c%0d%0a9b8bb0d36a3/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:57:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/40e9c
9b8bb0d36a3/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1889. https://fastdial.net/static/styles/images/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7d298%0d%0a815d5c0d33 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/7d298%0d%0a815d5c0d33/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/7d298
815d5c0d33/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1890. https://fastdial.net/static/styles/images/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload dbb64%0d%0a1dbabc26781 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/dbb64%0d%0a1dbabc26781/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/dbb64
1dbabc26781/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1891. https://fastdial.net/static/styles/images/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload c3a6d%0d%0a0e23aab50be was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/common/c3a6d%0d%0a0e23aab50be/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/common/c3a6d
0e23aab50be/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1892. https://fastdial.net/static/styles/images/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 43dc5%0d%0a4269e3acc5 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/common/images/43dc5%0d%0a4269e3acc5/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:00:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/common/images/43dc5
4269e3acc5/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1893. https://fastdial.net/static/styles/images/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2927c%0d%0a5980b59748c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2927c%0d%0a5980b59748c/styles/images/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:57:08 GMT
Server: Apache
Location: http://fastdial.net/2927c
5980b59748c/styles/images/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1894. https://fastdial.net/static/styles/images/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 73516%0d%0a44300be6374 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/73516%0d%0a44300be6374/images/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:57:19 GMT
Server: Apache
Location: http://fastdial.net/static/73516
44300be6374/images/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1895. https://fastdial.net/static/styles/images/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 98fd5%0d%0af30616af8a3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/98fd5%0d%0af30616af8a3/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/98fd5
f30616af8a3/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1896. https://fastdial.net/static/styles/images/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 3e2c3%0d%0a0266ac4c8e6 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/3e2c3%0d%0a0266ac4c8e6/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/3e2c3
0266ac4c8e6/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1897. https://fastdial.net/static/styles/images/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ce404%0d%0a723729be666 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/ce404%0d%0a723729be666/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/ce404
723729be666/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1898. https://fastdial.net/static/styles/images/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 9c7bb%0d%0ac30fc0bb235 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/common/9c7bb%0d%0ac30fc0bb235/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:59:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/common/9c7bb
c30fc0bb235/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1899. https://fastdial.net/static/styles/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 47cf2%0d%0aa088dee5fd5 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /47cf2%0d%0aa088dee5fd5/styles/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:44 GMT
Server: Apache
Location: http://fastdial.net/47cf2
a088dee5fd5/styles/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1900. https://fastdial.net/static/styles/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b0570%0d%0a39a51010ca6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b0570%0d%0a39a51010ca6/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:58 GMT
Server: Apache
Location: http://fastdial.net/static/b0570
39a51010ca6/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1901. https://fastdial.net/static/styles/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b6239%0d%0ae43a4d26aeb was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b6239%0d%0ae43a4d26aeb/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:42:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b6239
e43a4d26aeb/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1902. https://fastdial.net/static/styles/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 96621%0d%0a69dc0a49f35 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/96621%0d%0a69dc0a49f35/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:42:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/96621
69dc0a49f35/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1903. https://fastdial.net/static/styles/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e48ed%0d%0ad4218879dae was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/e48ed%0d%0ad4218879dae/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:42:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/e48ed
d4218879dae/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1904. https://fastdial.net/static/styles/images/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b0a6f%0d%0ac84b1f47de was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b0a6f%0d%0ac84b1f47de/styles/images/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:56:25 GMT
Server: Apache
Location: http://fastdial.net/b0a6f
c84b1f47de/styles/images/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1905. https://fastdial.net/static/styles/images/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b64d1%0d%0adf8f05ef870 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b64d1%0d%0adf8f05ef870/images/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:01 GMT
Server: Apache
Location: http://fastdial.net/static/b64d1
df8f05ef870/images/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1906. https://fastdial.net/static/styles/images/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 79158%0d%0ab8ce385d1cd was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/79158%0d%0ab8ce385d1cd/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/79158
b8ce385d1cd/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1907. https://fastdial.net/static/styles/images/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 455ed%0d%0a0ebbf3cac48 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/455ed%0d%0a0ebbf3cac48/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/455ed
0ebbf3cac48/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1908. https://fastdial.net/static/styles/images/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 54a57%0d%0a8bdd4bea069 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/54a57%0d%0a8bdd4bea069/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/54a57
8bdd4bea069/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1909. https://fastdial.net/static/styles/images/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload c1b3d%0d%0ab0aa72d68ee was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/common/c1b3d%0d%0ab0aa72d68ee/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:59:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/common/c1b3d
b0aa72d68ee/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1910. https://fastdial.net/static/styles/images/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5eb63%0d%0aa0d73516185 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5eb63%0d%0aa0d73516185/styles/images/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:55 GMT
Server: Apache
Location: http://fastdial.net/5eb63
a0d73516185/styles/images/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1911. https://fastdial.net/static/styles/images/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 89d21%0d%0a85dd7c55792 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/89d21%0d%0a85dd7c55792/images/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:55:09 GMT
Server: Apache
Location: http://fastdial.net/static/89d21
85dd7c55792/images/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1912. https://fastdial.net/static/styles/images/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 84ae4%0d%0a696c0462491 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/84ae4%0d%0a696c0462491/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:55:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/84ae4
696c0462491/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1913. https://fastdial.net/static/styles/images/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 428b0%0d%0a964bd1f27c4 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/428b0%0d%0a964bd1f27c4/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:55:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/428b0
964bd1f27c4/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1914. https://fastdial.net/static/styles/images/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5a5b3%0d%0aa0d22ce18d2 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/5a5b3%0d%0aa0d22ce18d2/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:55:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/5a5b3
a0d22ce18d2/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1915. https://fastdial.net/static/styles/images/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1366b%0d%0a8b208a1233 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/common/1366b%0d%0a8b208a1233/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:56:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/common/1366b
8b208a1233/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1916. https://fastdial.net/static/styles/images/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 351e1%0d%0a9b0ce27e25 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/common/styles/351e1%0d%0a9b0ce27e25/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:57:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/common/styles/351e1
9b0ce27e25/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1917. https://fastdial.net/static/styles/images/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 98e3f%0d%0a8bb77652134 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /98e3f%0d%0a8bb77652134/styles/images/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:55:53 GMT
Server: Apache
Location: http://fastdial.net/98e3f
8bb77652134/styles/images/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1918. https://fastdial.net/static/styles/images/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 40bfd%0d%0add2abd37342 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/40bfd%0d%0add2abd37342/images/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:56:07 GMT
Server: Apache
Location: http://fastdial.net/static/40bfd
dd2abd37342/images/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1919. https://fastdial.net/static/styles/images/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 7a8ab%0d%0af35c709e28a was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/7a8ab%0d%0af35c709e28a/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:56:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/7a8ab
f35c709e28a/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1920. https://fastdial.net/static/styles/images/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 53a1c%0d%0a1ae94678e09 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/53a1c%0d%0a1ae94678e09/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/53a1c
1ae94678e09/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1921. https://fastdial.net/static/styles/images/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f440d%0d%0a0db09f7b2dc was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/f440d%0d%0a0db09f7b2dc/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:58:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/f440d
0db09f7b2dc/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1922. https://fastdial.net/static/styles/images/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7bf06%0d%0ade8b5a0351b was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/common/7bf06%0d%0ade8b5a0351b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:00:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/common/7bf06
de8b5a0351b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1923. https://fastdial.net/static/styles/images/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 98ee4%0d%0a9b58ee5d21c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /98ee4%0d%0a9b58ee5d21c/styles/images/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:02:38 GMT
Server: Apache
Location: http://fastdial.net/98ee4
9b58ee5d21c/styles/images/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1924. https://fastdial.net/static/styles/images/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b5a78%0d%0a1beaf132b3b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b5a78%0d%0a1beaf132b3b/images/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:04:23 GMT
Server: Apache
Location: http://fastdial.net/static/b5a78
1beaf132b3b/images/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1925. https://fastdial.net/static/styles/images/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ab722%0d%0a30b679d444 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ab722%0d%0a30b679d444/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:04:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ab722
30b679d444/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1926. https://fastdial.net/static/styles/images/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload bc83f%0d%0ab9f828164f2 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/bc83f%0d%0ab9f828164f2/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:04:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/bc83f
b9f828164f2/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1927. https://fastdial.net/static/styles/images/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f3b77%0d%0a63fa4e4e772 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/f3b77%0d%0a63fa4e4e772/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/f3b77
63fa4e4e772/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1928. https://fastdial.net/static/styles/images/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 859b1%0d%0aeb4ef5f4028 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/images/859b1%0d%0aeb4ef5f4028/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/images/859b1
eb4ef5f4028/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1929. https://fastdial.net/static/styles/images/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f4cd6%0d%0ac5551292267 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f4cd6%0d%0ac5551292267/styles/images/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:02:42 GMT
Server: Apache
Location: http://fastdial.net/f4cd6
c5551292267/styles/images/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1930. https://fastdial.net/static/styles/images/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ca1cf%0d%0ac1c91c0ef49 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ca1cf%0d%0ac1c91c0ef49/images/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:03:01 GMT
Server: Apache
Location: http://fastdial.net/static/ca1cf
c1c91c0ef49/images/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1931. https://fastdial.net/static/styles/images/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 27e7e%0d%0ac4f109eced4 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/27e7e%0d%0ac4f109eced4/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:04:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/27e7e
c4f109eced4/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1932. https://fastdial.net/static/styles/images/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4a480%0d%0a9ab68f87c28 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/4a480%0d%0a9ab68f87c28/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/4a480
9ab68f87c28/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1933. https://fastdial.net/static/styles/images/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 70692%0d%0a19f664ff295 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/70692%0d%0a19f664ff295/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/70692
19f664ff295/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1934. https://fastdial.net/static/styles/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1f223%0d%0a7adf02693f9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1f223%0d%0a7adf02693f9/styles/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:42:06 GMT
Server: Apache
Location: http://fastdial.net/1f223
7adf02693f9/styles/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1935. https://fastdial.net/static/styles/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 58eb9%0d%0aaa1e4bd074 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/58eb9%0d%0aaa1e4bd074/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:42:23 GMT
Server: Apache
Location: http://fastdial.net/static/58eb9
aa1e4bd074/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1936. https://fastdial.net/static/styles/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9b3d1%0d%0a4bebc403abf was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/9b3d1%0d%0a4bebc403abf/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:42:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/9b3d1
4bebc403abf/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1937. https://fastdial.net/static/styles/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1957d%0d%0a8287a6bec75 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/1957d%0d%0a8287a6bec75/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:42:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/1957d
8287a6bec75/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1938. https://fastdial.net/static/styles/images/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 94a78%0d%0a911d9a7a800 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /94a78%0d%0a911d9a7a800/styles/images/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:02:29 GMT
Server: Apache
Location: http://fastdial.net/94a78
911d9a7a800/styles/images/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1939. https://fastdial.net/static/styles/images/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2c3ec%0d%0a98124228e33 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2c3ec%0d%0a98124228e33/images/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:03:00 GMT
Server: Apache
Location: http://fastdial.net/static/2c3ec
98124228e33/images/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1940. https://fastdial.net/static/styles/images/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a748e%0d%0a2a606a8e9b3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a748e%0d%0a2a606a8e9b3/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:04:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a748e
2a606a8e9b3/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1941. https://fastdial.net/static/styles/images/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload fb4f9%0d%0a545a8f51059 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/fb4f9%0d%0a545a8f51059/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/fb4f9
545a8f51059/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1942. https://fastdial.net/static/styles/images/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 462c8%0d%0a7f8365e6a8c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/462c8%0d%0a7f8365e6a8c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:05:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/462c8
7f8365e6a8c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1943. https://fastdial.net/static/styles/images/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b206f%0d%0a09c2e25f396 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b206f%0d%0a09c2e25f396/styles/images/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:59:43 GMT
Server: Apache
Location: http://fastdial.net/b206f
09c2e25f396/styles/images/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1944. https://fastdial.net/static/styles/images/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d2b86%0d%0aac7cc7d31f7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d2b86%0d%0aac7cc7d31f7/images/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:59:54 GMT
Server: Apache
Location: http://fastdial.net/static/d2b86
ac7cc7d31f7/images/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1945. https://fastdial.net/static/styles/images/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 30da7%0d%0a623fe15a045 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/30da7%0d%0a623fe15a045/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:00:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/30da7
623fe15a045/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1946. https://fastdial.net/static/styles/images/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 38d83%0d%0a7810ae995e was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/38d83%0d%0a7810ae995e/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:01:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/38d83
7810ae995e/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1947. https://fastdial.net/static/styles/images/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a01e6%0d%0aef2d5ada4c8 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/a01e6%0d%0aef2d5ada4c8/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:01:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/a01e6
ef2d5ada4c8/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1948. https://fastdial.net/static/styles/images/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 86f20%0d%0a43ff365c45a was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/styles/86f20%0d%0a43ff365c45a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:01:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/styles/86f20
43ff365c45a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1949. https://fastdial.net/static/styles/images/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload be8d1%0d%0aee97b267aa2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /be8d1%0d%0aee97b267aa2/styles/images/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:00:22 GMT
Server: Apache
Location: http://fastdial.net/be8d1
ee97b267aa2/styles/images/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1950. https://fastdial.net/static/styles/images/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5362b%0d%0a8f35bb7698 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5362b%0d%0a8f35bb7698/images/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:00:52 GMT
Server: Apache
Location: http://fastdial.net/static/5362b
8f35bb7698/images/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1951. https://fastdial.net/static/styles/images/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9ef6d%0d%0a22449de54f8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/9ef6d%0d%0a22449de54f8/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:01:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/9ef6d
22449de54f8/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1952. https://fastdial.net/static/styles/images/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b4659%0d%0a2537c366557 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/b4659%0d%0a2537c366557/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:01:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/b4659
2537c366557/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1953. https://fastdial.net/static/styles/images/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 8012d%0d%0a00fa7d2fc7 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/images/8012d%0d%0a00fa7d2fc7/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 23:01:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/images/8012d
00fa7d2fc7/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1954. https://fastdial.net/static/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a47f6%0d%0aaf85ac2ca5b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a47f6%0d%0aaf85ac2ca5b/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:13 GMT
Server: Apache
Location: http://fastdial.net/a47f6
af85ac2ca5b/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1955. https://fastdial.net/static/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f9b0b%0d%0a6160ed820de was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f9b0b%0d%0a6160ed820de/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:23 GMT
Server: Apache
Location: http://fastdial.net/static/f9b0b
6160ed820de/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1956. https://fastdial.net/static/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 3d366%0d%0a5a6c36a1ea0 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/3d366%0d%0a5a6c36a1ea0/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/3d366
5a6c36a1ea0/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1957. https://fastdial.net/static/styles/images/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c6cfc%0d%0aa780a39f38a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c6cfc%0d%0aa780a39f38a/styles/images/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:53:37 GMT
Server: Apache
Location: http://fastdial.net/c6cfc
a780a39f38a/styles/images/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1958. https://fastdial.net/static/styles/images/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 16851%0d%0a988278999b7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/16851%0d%0a988278999b7/images/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:03 GMT
Server: Apache
Location: http://fastdial.net/static/16851
988278999b7/images/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1959. https://fastdial.net/static/styles/images/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1f897%0d%0ab59dd58ee20 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1f897%0d%0ab59dd58ee20/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1f897
b59dd58ee20/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1960. https://fastdial.net/static/styles/images/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9977f%0d%0a331972ad1fc was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/9977f%0d%0a331972ad1fc/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/9977f
331972ad1fc/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1961. https://fastdial.net/static/styles/images/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b9195%0d%0a0b8380b460b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/scripts/b9195%0d%0a0b8380b460b/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/scripts/b9195
0b8380b460b/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1962. https://fastdial.net/static/styles/images/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 3b1f6%0d%0a545500411dc was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/scripts/images/3b1f6%0d%0a545500411dc/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:55:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/scripts/images/3b1f6
545500411dc/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1963. https://fastdial.net/static/styles/images/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2255d%0d%0ab0e006a7263 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2255d%0d%0ab0e006a7263/styles/images/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:08 GMT
Server: Apache
Location: http://fastdial.net/2255d
b0e006a7263/styles/images/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1964. https://fastdial.net/static/styles/images/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c6c72%0d%0a9f3a4b3a210 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c6c72%0d%0a9f3a4b3a210/images/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:21 GMT
Server: Apache
Location: http://fastdial.net/static/c6c72
9f3a4b3a210/images/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1965. https://fastdial.net/static/styles/images/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 2a3e2%0d%0a5fe841f6259 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/2a3e2%0d%0a5fe841f6259/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/2a3e2
5fe841f6259/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1966. https://fastdial.net/static/styles/images/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e4cc3%0d%0abe3a0eb908e was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/e4cc3%0d%0abe3a0eb908e/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/e4cc3
be3a0eb908e/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1967. https://fastdial.net/static/styles/images/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload baacb%0d%0ae9865af33d0 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/scripts/baacb%0d%0ae9865af33d0/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:55:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/scripts/baacb
e9865af33d0/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1968. https://fastdial.net/static/styles/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c01d3%0d%0a0afe2335843 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c01d3%0d%0a0afe2335843/styles/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:17 GMT
Server: Apache
Location: http://fastdial.net/c01d3
0afe2335843/styles/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1969. https://fastdial.net/static/styles/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 44838%0d%0aac506f83ce5 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/44838%0d%0aac506f83ce5/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:30 GMT
Server: Apache
Location: http://fastdial.net/static/44838
ac506f83ce5/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1970. https://fastdial.net/static/styles/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload dbfdf%0d%0aa1bcb811d07 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/dbfdf%0d%0aa1bcb811d07/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/dbfdf
a1bcb811d07/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1971. https://fastdial.net/static/styles/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9ddd3%0d%0a04d55d0e28c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/9ddd3%0d%0a04d55d0e28c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/9ddd3
04d55d0e28c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1972. https://fastdial.net/static/styles/images/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e0a6d%0d%0a3dd3a02a1bb was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e0a6d%0d%0a3dd3a02a1bb/styles/images/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:52:33 GMT
Server: Apache
Location: http://fastdial.net/e0a6d
3dd3a02a1bb/styles/images/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1973. https://fastdial.net/static/styles/images/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 41927%0d%0a185ef339a21 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/41927%0d%0a185ef339a21/images/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:52:50 GMT
Server: Apache
Location: http://fastdial.net/static/41927
185ef339a21/images/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1974. https://fastdial.net/static/styles/images/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a28e3%0d%0af1eabd4d6d0 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a28e3%0d%0af1eabd4d6d0/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:53:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a28e3
f1eabd4d6d0/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1975. https://fastdial.net/static/styles/images/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a3d1e%0d%0a02333aee2ea was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/a3d1e%0d%0a02333aee2ea/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/a3d1e
02333aee2ea/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1976. https://fastdial.net/static/styles/images/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e8650%0d%0aa113845433b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/scripts/e8650%0d%0aa113845433b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/scripts/e8650
a113845433b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1977. https://fastdial.net/static/styles/images/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 854bd%0d%0ad84fc490f0e was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /854bd%0d%0ad84fc490f0e/styles/images/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:51:58 GMT
Server: Apache
Location: http://fastdial.net/854bd
d84fc490f0e/styles/images/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1978. https://fastdial.net/static/styles/images/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4f7aa%0d%0a12b7fef4c7f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4f7aa%0d%0a12b7fef4c7f/images/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:52:09 GMT
Server: Apache
Location: http://fastdial.net/static/4f7aa
12b7fef4c7f/images/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1979. https://fastdial.net/static/styles/images/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 3c645%0d%0a9bb0b7bc73d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/3c645%0d%0a9bb0b7bc73d/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:52:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/3c645
9bb0b7bc73d/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1980. https://fastdial.net/static/styles/images/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e0e7e%0d%0af06d52a713a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/e0e7e%0d%0af06d52a713a/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:52:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/e0e7e
f06d52a713a/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1981. https://fastdial.net/static/styles/images/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a3d96%0d%0a23610a6ada3 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/scripts/a3d96%0d%0a23610a6ada3/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:52:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/scripts/a3d96
23610a6ada3/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1982. https://fastdial.net/static/styles/images/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 9c38e%0d%0a07b9b9279b7 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/scripts/styles/9c38e%0d%0a07b9b9279b7/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:53:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/scripts/styles/9c38e
07b9b9279b7/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1983. https://fastdial.net/static/styles/images/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3b8b5%0d%0ab56fccdb0fc was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3b8b5%0d%0ab56fccdb0fc/styles/images/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:52:22 GMT
Server: Apache
Location: http://fastdial.net/3b8b5
b56fccdb0fc/styles/images/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1984. https://fastdial.net/static/styles/images/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b857a%0d%0a78d3728d7f3 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b857a%0d%0a78d3728d7f3/images/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:52:40 GMT
Server: Apache
Location: http://fastdial.net/static/b857a
78d3728d7f3/images/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1985. https://fastdial.net/static/styles/images/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload dd167%0d%0af98cc388193 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/dd167%0d%0af98cc388193/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:52:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/dd167
f98cc388193/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1986. https://fastdial.net/static/styles/images/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 77acc%0d%0a56c84bda814 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/77acc%0d%0a56c84bda814/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:53:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/77acc
56c84bda814/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1987. https://fastdial.net/static/styles/images/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ea89b%0d%0ae26fea23824 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/scripts/ea89b%0d%0ae26fea23824/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:54:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/scripts/ea89b
e26fea23824/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1988. https://fastdial.net/static/styles/images/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7849b%0d%0aacef2dcce66 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7849b%0d%0aacef2dcce66/styles/images/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:47:48 GMT
Server: Apache
Location: http://fastdial.net/7849b
acef2dcce66/styles/images/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1989. https://fastdial.net/static/styles/images/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 78ddd%0d%0a81d8f00c283 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/78ddd%0d%0a81d8f00c283/images/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:48:01 GMT
Server: Apache
Location: http://fastdial.net/static/78ddd
81d8f00c283/images/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1990. https://fastdial.net/static/styles/images/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 25b71%0d%0af50a6e23e11 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/25b71%0d%0af50a6e23e11/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:48:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/25b71
f50a6e23e11/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1991. https://fastdial.net/static/styles/images/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5e4a0%0d%0a7e748f21fe was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/5e4a0%0d%0a7e748f21fe/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:48:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/5e4a0
7e748f21fe/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1992. https://fastdial.net/static/styles/images/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ffa9b%0d%0a281076291f7 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/ffa9b%0d%0a281076291f7/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:48:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/ffa9b
281076291f7/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1993. https://fastdial.net/static/styles/images/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 95f26%0d%0ac624696a77b was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/common/95f26%0d%0ac624696a77b/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:48:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/common/95f26
c624696a77b/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1994. https://fastdial.net/static/styles/images/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 7b2b0%0d%0ac3b7f6f06f3 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/common/images/7b2b0%0d%0ac3b7f6f06f3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:49:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/common/images/7b2b0
c3b7f6f06f3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.1995. https://fastdial.net/static/styles/images/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 62058%0d%0a26518562c1f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /62058%0d%0a26518562c1f/styles/images/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:48:41 GMT
Server: Apache
Location: http://fastdial.net/62058
26518562c1f/styles/images/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1996. https://fastdial.net/static/styles/images/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 22915%0d%0ac10d3196759 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/22915%0d%0ac10d3196759/images/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:48:51 GMT
Server: Apache
Location: http://fastdial.net/static/22915
c10d3196759/images/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1997. https://fastdial.net/static/styles/images/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 40d48%0d%0a3168a046ab7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/40d48%0d%0a3168a046ab7/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:49:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/40d48
3168a046ab7/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1998. https://fastdial.net/static/styles/images/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 610a0%0d%0a791f012bc41 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/610a0%0d%0a791f012bc41/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:49:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/610a0
791f012bc41/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.1999. https://fastdial.net/static/styles/images/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e3c1b%0d%0a5b96d539ac1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/e3c1b%0d%0a5b96d539ac1/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:49:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/e3c1b
5b96d539ac1/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2000. https://fastdial.net/static/styles/images/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 32956%0d%0a311097a8a36 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/common/32956%0d%0a311097a8a36/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:49:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/common/32956
311097a8a36/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2001. https://fastdial.net/static/styles/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 56087%0d%0a568275c0c8b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /56087%0d%0a568275c0c8b/styles/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:38 GMT
Server: Apache
Location: http://fastdial.net/56087
568275c0c8b/styles/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2002. https://fastdial.net/static/styles/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4fcf9%0d%0adf310c5b457 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4fcf9%0d%0adf310c5b457/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:39:55 GMT
Server: Apache
Location: http://fastdial.net/static/4fcf9
df310c5b457/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2003. https://fastdial.net/static/styles/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 656ca%0d%0ae9f7eece24f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/656ca%0d%0ae9f7eece24f/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:40:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/656ca
e9f7eece24f/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2004. https://fastdial.net/static/styles/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 89ab2%0d%0a6eace10ffe9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/89ab2%0d%0a6eace10ffe9/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:40:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/89ab2
6eace10ffe9/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2005. https://fastdial.net/static/styles/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 669cf%0d%0a21c64338c23 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/669cf%0d%0a21c64338c23/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:40:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/669cf
21c64338c23/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2006. https://fastdial.net/static/styles/images/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f0fd4%0d%0a61a3b8155a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f0fd4%0d%0a61a3b8155a/styles/images/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:46:45 GMT
Server: Apache
Location: http://fastdial.net/f0fd4
61a3b8155a/styles/images/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2007. https://fastdial.net/static/styles/images/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 21de1%0d%0a0d15401ecba was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/21de1%0d%0a0d15401ecba/images/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:47:01 GMT
Server: Apache
Location: http://fastdial.net/static/21de1
0d15401ecba/images/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2008. https://fastdial.net/static/styles/images/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 2ac25%0d%0afe536dd4338 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/2ac25%0d%0afe536dd4338/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:47:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/2ac25
fe536dd4338/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2009. https://fastdial.net/static/styles/images/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5dedd%0d%0a834d3d86458 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/5dedd%0d%0a834d3d86458/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:47:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/5dedd
834d3d86458/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2010. https://fastdial.net/static/styles/images/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f8001%0d%0a8dc7a34d18d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/f8001%0d%0a8dc7a34d18d/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:47:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/f8001
8dc7a34d18d/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2011. https://fastdial.net/static/styles/images/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b87ea%0d%0a06f84e0c259 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/common/b87ea%0d%0a06f84e0c259/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:48:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/common/b87ea
06f84e0c259/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2012. https://fastdial.net/static/styles/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 822ee%0d%0ab2112b41185 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /822ee%0d%0ab2112b41185/styles/images/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:41 GMT
Server: Apache
Location: http://fastdial.net/822ee
b2112b41185/styles/images/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2013. https://fastdial.net/static/styles/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e71b8%0d%0a2565442ab97 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e71b8%0d%0a2565442ab97/images/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:58 GMT
Server: Apache
Location: http://fastdial.net/static/e71b8
2565442ab97/images/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2014. https://fastdial.net/static/styles/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a427e%0d%0ae272d5f5b48 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a427e%0d%0ae272d5f5b48/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:46:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a427e
e272d5f5b48/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2015. https://fastdial.net/static/styles/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b32cc%0d%0af21ccc757f3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/b32cc%0d%0af21ccc757f3/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:46:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/b32cc
f21ccc757f3/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2016. https://fastdial.net/static/styles/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4afa9%0d%0ab2820d7862f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/4afa9%0d%0ab2820d7862f/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:46:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/4afa9
b2820d7862f/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2017. https://fastdial.net/static/styles/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 68850%0d%0a0ba093c490f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/common/68850%0d%0a0ba093c490f/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:47:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/common/68850
0ba093c490f/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2018. https://fastdial.net/static/styles/images/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 776b3%0d%0a5a708cecd16 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/common/styles/776b3%0d%0a5a708cecd16/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:47:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/common/styles/776b3
5a708cecd16/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2019. https://fastdial.net/static/styles/images/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b20ba%0d%0a7fe743a6e94 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b20ba%0d%0a7fe743a6e94/styles/images/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:45:55 GMT
Server: Apache
Location: http://fastdial.net/b20ba
7fe743a6e94/styles/images/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2020. https://fastdial.net/static/styles/images/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload abe5d%0d%0af63cbe4cacb was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/abe5d%0d%0af63cbe4cacb/images/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:46:10 GMT
Server: Apache
Location: http://fastdial.net/static/abe5d
f63cbe4cacb/images/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2021. https://fastdial.net/static/styles/images/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 14abc%0d%0a415c3efce39 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/14abc%0d%0a415c3efce39/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:46:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/14abc
415c3efce39/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2022. https://fastdial.net/static/styles/images/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7d454%0d%0a0d71d549dc5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/7d454%0d%0a0d71d549dc5/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:47:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/7d454
0d71d549dc5/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2023. https://fastdial.net/static/styles/images/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 9db62%0d%0a231ccba546e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/9db62%0d%0a231ccba546e/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:47:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/9db62
231ccba546e/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2024. https://fastdial.net/static/styles/images/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 62687%0d%0a261ddd642ee was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/common/62687%0d%0a261ddd642ee/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:47:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/common/62687
261ddd642ee/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2025. https://fastdial.net/static/styles/images/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b2e79%0d%0a6697ca496e7 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b2e79%0d%0a6697ca496e7/styles/images/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:50:50 GMT
Server: Apache
Location: http://fastdial.net/b2e79
6697ca496e7/styles/images/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2026. https://fastdial.net/static/styles/images/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 13db5%0d%0aeacfdbb81fc was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/13db5%0d%0aeacfdbb81fc/images/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:51:04 GMT
Server: Apache
Location: http://fastdial.net/static/13db5
eacfdbb81fc/images/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2027. https://fastdial.net/static/styles/images/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 2d09e%0d%0adc33abe9289 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/2d09e%0d%0adc33abe9289/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:51:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/2d09e
dc33abe9289/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2028. https://fastdial.net/static/styles/images/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f2961%0d%0abbcf7a22f9c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/f2961%0d%0abbcf7a22f9c/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:51:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/f2961
bbcf7a22f9c/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2029. https://fastdial.net/static/styles/images/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a1035%0d%0a4f68d3dcf0 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/a1035%0d%0a4f68d3dcf0/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:51:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/a1035
4f68d3dcf0/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2030. https://fastdial.net/static/styles/images/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 6eda0%0d%0a30b20203dde was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/images/6eda0%0d%0a30b20203dde/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:52:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/images/6eda0
30b20203dde/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2031. https://fastdial.net/static/styles/images/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fb81b%0d%0ab49d6bf0ce4 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fb81b%0d%0ab49d6bf0ce4/styles/images/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:51:13 GMT
Server: Apache
Location: http://fastdial.net/fb81b
b49d6bf0ce4/styles/images/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2032. https://fastdial.net/static/styles/images/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8b05c%0d%0a412de876018 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8b05c%0d%0a412de876018/images/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:51:31 GMT
Server: Apache
Location: http://fastdial.net/static/8b05c
412de876018/images/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2033. https://fastdial.net/static/styles/images/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 19c06%0d%0aa4f180abe62 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/19c06%0d%0aa4f180abe62/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:51:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/19c06
a4f180abe62/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2034. https://fastdial.net/static/styles/images/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f9450%0d%0a8de94aae641 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/f9450%0d%0a8de94aae641/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:51:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/f9450
8de94aae641/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2035. https://fastdial.net/static/styles/images/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload dd893%0d%0a484d73fd923 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/dd893%0d%0a484d73fd923/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:52:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/dd893
484d73fd923/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2036. https://fastdial.net/static/styles/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7fee8%0d%0a1263719c9de was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7fee8%0d%0a1263719c9de/styles/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:02 GMT
Server: Apache
Location: http://fastdial.net/7fee8
1263719c9de/styles/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2037. https://fastdial.net/static/styles/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload af990%0d%0a6544b34ccdd was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/af990%0d%0a6544b34ccdd/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:15 GMT
Server: Apache
Location: http://fastdial.net/static/af990
6544b34ccdd/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2038. https://fastdial.net/static/styles/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1ca22%0d%0a448acda2513 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1ca22%0d%0a448acda2513/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1ca22
448acda2513/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2039. https://fastdial.net/static/styles/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8f811%0d%0aa926af68b88 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/8f811%0d%0aa926af68b88/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:41:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/8f811
a926af68b88/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2040. https://fastdial.net/static/styles/images/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 86bf6%0d%0aeaed0f8f9b0 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /86bf6%0d%0aeaed0f8f9b0/styles/images/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:50:00 GMT
Server: Apache
Location: http://fastdial.net/86bf6
eaed0f8f9b0/styles/images/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2041. https://fastdial.net/static/styles/images/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload fc6b4%0d%0a1c2c84eec10 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/fc6b4%0d%0a1c2c84eec10/images/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:50:14 GMT
Server: Apache
Location: http://fastdial.net/static/fc6b4
1c2c84eec10/images/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2042. https://fastdial.net/static/styles/images/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e5c5f%0d%0ade58ff36b22 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/e5c5f%0d%0ade58ff36b22/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:50:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/e5c5f
de58ff36b22/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2043. https://fastdial.net/static/styles/images/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e7eac%0d%0aefe7d9bf5cf was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/e7eac%0d%0aefe7d9bf5cf/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:50:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/e7eac
efe7d9bf5cf/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2044. https://fastdial.net/static/styles/images/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload bc9cd%0d%0a27410b2471a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/bc9cd%0d%0a27410b2471a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:51:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/bc9cd
27410b2471a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2045. https://fastdial.net/static/styles/images/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b75d9%0d%0a58db6ac2b52 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b75d9%0d%0a58db6ac2b52/styles/images/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:49:10 GMT
Server: Apache
Location: http://fastdial.net/b75d9
58db6ac2b52/styles/images/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2046. https://fastdial.net/static/styles/images/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3ea86%0d%0a6d634279389 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3ea86%0d%0a6d634279389/images/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:49:26 GMT
Server: Apache
Location: http://fastdial.net/static/3ea86
6d634279389/images/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2047. https://fastdial.net/static/styles/images/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload dac11%0d%0ae93eb9a9f27 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/dac11%0d%0ae93eb9a9f27/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:49:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/dac11
e93eb9a9f27/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2048. https://fastdial.net/static/styles/images/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8b42f%0d%0a1e18d012a2c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/8b42f%0d%0a1e18d012a2c/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:49:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/8b42f
1e18d012a2c/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2049. https://fastdial.net/static/styles/images/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2562f%0d%0a44bcdeedd17 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/2562f%0d%0a44bcdeedd17/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:50:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/2562f
44bcdeedd17/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2050. https://fastdial.net/static/styles/images/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1e5a5%0d%0a07e5eae0dea was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/styles/1e5a5%0d%0a07e5eae0dea/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:50:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/styles/1e5a5
07e5eae0dea/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2051. https://fastdial.net/static/styles/images/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload bb588%0d%0a98084c0edbe was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /bb588%0d%0a98084c0edbe/styles/images/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:49:42 GMT
Server: Apache
Location: http://fastdial.net/bb588
98084c0edbe/styles/images/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2052. https://fastdial.net/static/styles/images/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 13419%0d%0aecf61e7af20 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/13419%0d%0aecf61e7af20/images/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:49:55 GMT
Server: Apache
Location: http://fastdial.net/static/13419
ecf61e7af20/images/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2053. https://fastdial.net/static/styles/images/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c7144%0d%0a73f10417a90 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/c7144%0d%0a73f10417a90/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:50:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/c7144
73f10417a90/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2054. https://fastdial.net/static/styles/images/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 43e75%0d%0a8a6d65055a1 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/43e75%0d%0a8a6d65055a1/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:50:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/43e75
8a6d65055a1/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2055. https://fastdial.net/static/styles/images/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/images/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c3ad4%0d%0acba515cbb4f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/images/styles/c3ad4%0d%0acba515cbb4f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:50:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/images/styles/c3ad4
cba515cbb4f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2056. https://fastdial.net/static/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a3905%0d%0a4fbc53d2af5 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a3905%0d%0a4fbc53d2af5/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:53 GMT
Server: Apache
Location: http://fastdial.net/a3905
4fbc53d2af5/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2057. https://fastdial.net/static/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload cdcb3%0d%0a6e512a7a745 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/cdcb3%0d%0a6e512a7a745/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:36:06 GMT
Server: Apache
Location: http://fastdial.net/static/cdcb3
6e512a7a745/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2058. https://fastdial.net/static/styles/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a7e6f%0d%0a2c5abd8dd16 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a7e6f%0d%0a2c5abd8dd16/styles/scripts/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:12 GMT
Server: Apache
Location: http://fastdial.net/a7e6f
2c5abd8dd16/styles/scripts/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2059. https://fastdial.net/static/styles/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 39d59%0d%0af71b968a16f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/39d59%0d%0af71b968a16f/scripts/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:32 GMT
Server: Apache
Location: http://fastdial.net/static/39d59
f71b968a16f/scripts/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2060. https://fastdial.net/static/styles/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 87ca9%0d%0a596e3f6a925 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/87ca9%0d%0a596e3f6a925/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/87ca9
596e3f6a925/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2061. https://fastdial.net/static/styles/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 41485%0d%0a5038b4a8353 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/41485%0d%0a5038b4a8353/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/41485
5038b4a8353/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2062. https://fastdial.net/static/styles/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6a206%0d%0a2d5b03fab73 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/6a206%0d%0a2d5b03fab73/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/6a206
2d5b03fab73/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2063. https://fastdial.net/static/styles/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 69f36%0d%0a0f29d13b5a2 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/common/69f36%0d%0a0f29d13b5a2/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/common/69f36
0f29d13b5a2/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2064. https://fastdial.net/static/styles/scripts/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 46e70%0d%0a42ec0ed1301 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/common/images/46e70%0d%0a42ec0ed1301/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/common/images/46e70
42ec0ed1301/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2065. https://fastdial.net/static/styles/scripts/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 55e09%0d%0adbc58289d41 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /55e09%0d%0adbc58289d41/styles/scripts/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:48 GMT
Server: Apache
Location: http://fastdial.net/55e09
dbc58289d41/styles/scripts/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2066. https://fastdial.net/static/styles/scripts/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2f68a%0d%0a88a2f9a0e8b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2f68a%0d%0a88a2f9a0e8b/scripts/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:04 GMT
Server: Apache
Location: http://fastdial.net/static/2f68a
88a2f9a0e8b/scripts/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2067. https://fastdial.net/static/styles/scripts/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 21803%0d%0a069c52eaf56 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/21803%0d%0a069c52eaf56/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/21803
069c52eaf56/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2068. https://fastdial.net/static/styles/scripts/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 66c4b%0d%0a8e00a5ff9db was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/66c4b%0d%0a8e00a5ff9db/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/66c4b
8e00a5ff9db/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2069. https://fastdial.net/static/styles/scripts/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e575f%0d%0a2173fd2893a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/e575f%0d%0a2173fd2893a/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/e575f
2173fd2893a/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2070. https://fastdial.net/static/styles/scripts/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 69d05%0d%0aa912b20f10f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/common/69d05%0d%0aa912b20f10f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/common/69d05
a912b20f10f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2071. https://fastdial.net/static/styles/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 80c2f%0d%0a36c09b9280d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /80c2f%0d%0a36c09b9280d/styles/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:09 GMT
Server: Apache
Location: http://fastdial.net/80c2f
36c09b9280d/styles/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2072. https://fastdial.net/static/styles/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5f2bf%0d%0ad21792be674 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5f2bf%0d%0ad21792be674/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:23 GMT
Server: Apache
Location: http://fastdial.net/static/5f2bf
d21792be674/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2073. https://fastdial.net/static/styles/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bae57%0d%0ac18931fc271 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/bae57%0d%0ac18931fc271/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/bae57
c18931fc271/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2074. https://fastdial.net/static/styles/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5bf4d%0d%0a5924441df5a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/5bf4d%0d%0a5924441df5a/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/5bf4d
5924441df5a/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2075. https://fastdial.net/static/styles/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload deb79%0d%0a6db20a05c34 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/deb79%0d%0a6db20a05c34/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:36:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/deb79
6db20a05c34/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2076. https://fastdial.net/static/styles/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 15037%0d%0ab76da332a1b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /15037%0d%0ab76da332a1b/styles/scripts/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:19:45 GMT
Server: Apache
Location: http://fastdial.net/15037
b76da332a1b/styles/scripts/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2077. https://fastdial.net/static/styles/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d8666%0d%0a2976d5b7214 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d8666%0d%0a2976d5b7214/scripts/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:31 GMT
Server: Apache
Location: http://fastdial.net/static/d8666
2976d5b7214/scripts/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2078. https://fastdial.net/static/styles/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c9707%0d%0a0f2f1ca01b9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/c9707%0d%0a0f2f1ca01b9/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/c9707
0f2f1ca01b9/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2079. https://fastdial.net/static/styles/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8fb35%0d%0aaed22e73c21 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/8fb35%0d%0aaed22e73c21/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/8fb35
aed22e73c21/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2080. https://fastdial.net/static/styles/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f69fe%0d%0a3a77c7f8431 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/f69fe%0d%0a3a77c7f8431/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/f69fe
3a77c7f8431/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2081. https://fastdial.net/static/styles/scripts/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 59d17%0d%0a2b573f58380 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/common/59d17%0d%0a2b573f58380/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/common/59d17
2b573f58380/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2082. https://fastdial.net/static/styles/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 44607%0d%0a97b0dbf890 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /44607%0d%0a97b0dbf890/styles/scripts/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:17:51 GMT
Server: Apache
Location: http://fastdial.net/44607
97b0dbf890/styles/scripts/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2083. https://fastdial.net/static/styles/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b53e0%0d%0a264c1121305 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b53e0%0d%0a264c1121305/scripts/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:18:17 GMT
Server: Apache
Location: http://fastdial.net/static/b53e0
264c1121305/scripts/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2084. https://fastdial.net/static/styles/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 140f7%0d%0aa2fbc9f5d73 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/140f7%0d%0aa2fbc9f5d73/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:18:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/140f7
a2fbc9f5d73/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2085. https://fastdial.net/static/styles/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 469fe%0d%0a39c5bdec4a1 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/469fe%0d%0a39c5bdec4a1/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:19:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/469fe
39c5bdec4a1/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2086. https://fastdial.net/static/styles/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1cc51%0d%0a28de2ad56fc was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/1cc51%0d%0a28de2ad56fc/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:19:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/1cc51
28de2ad56fc/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2087. https://fastdial.net/static/styles/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 220e0%0d%0a1adea3b34e0 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/common/220e0%0d%0a1adea3b34e0/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/common/220e0
1adea3b34e0/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2088. https://fastdial.net/static/styles/scripts/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 250a3%0d%0a2816ed5437a was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/common/styles/250a3%0d%0a2816ed5437a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/common/styles/250a3
2816ed5437a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2089. https://fastdial.net/static/styles/scripts/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e0e0e%0d%0acc8b4caffcd was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e0e0e%0d%0acc8b4caffcd/styles/scripts/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:19:36 GMT
Server: Apache
Location: http://fastdial.net/e0e0e
cc8b4caffcd/styles/scripts/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2090. https://fastdial.net/static/styles/scripts/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 20192%0d%0a041cc3a6531 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/20192%0d%0a041cc3a6531/scripts/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:30 GMT
Server: Apache
Location: http://fastdial.net/static/20192
041cc3a6531/scripts/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2091. https://fastdial.net/static/styles/scripts/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload af02b%0d%0ad22d4c5dffb was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/af02b%0d%0ad22d4c5dffb/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/af02b
d22d4c5dffb/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2092. https://fastdial.net/static/styles/scripts/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8bd2e%0d%0af37238017f9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/8bd2e%0d%0af37238017f9/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:20:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/8bd2e
f37238017f9/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2093. https://fastdial.net/static/styles/scripts/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c34d9%0d%0a7aef1515890 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/c34d9%0d%0a7aef1515890/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/c34d9
7aef1515890/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2094. https://fastdial.net/static/styles/scripts/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload c50fd%0d%0ac5670016281 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/common/c50fd%0d%0ac5670016281/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/common/c50fd
c5670016281/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2095. https://fastdial.net/static/styles/scripts/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload d7b63%0d%0a525e19ffd2e was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /d7b63%0d%0a525e19ffd2e/styles/scripts/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:23:14 GMT
Server: Apache
Location: http://fastdial.net/d7b63
525e19ffd2e/styles/scripts/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2096. https://fastdial.net/static/styles/scripts/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 11bb9%0d%0ac8618690296 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/11bb9%0d%0ac8618690296/scripts/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:25:13 GMT
Server: Apache
Location: http://fastdial.net/static/11bb9
c8618690296/scripts/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2097. https://fastdial.net/static/styles/scripts/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 14cf2%0d%0a1fd6b201b2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/14cf2%0d%0a1fd6b201b2/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:25:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/14cf2
1fd6b201b2/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2098. https://fastdial.net/static/styles/scripts/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 804a3%0d%0aa29aa919fc9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/804a3%0d%0aa29aa919fc9/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:25:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/804a3
a29aa919fc9/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2099. https://fastdial.net/static/styles/scripts/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1d5a5%0d%0a86fe8e3315b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/1d5a5%0d%0a86fe8e3315b/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:26:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/1d5a5
86fe8e3315b/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2100. https://fastdial.net/static/styles/scripts/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7a428%0d%0aa2e45614c3f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/images/7a428%0d%0aa2e45614c3f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:26:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/images/7a428
a2e45614c3f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2101. https://fastdial.net/static/styles/scripts/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload aec33%0d%0a2e0265bd650 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /aec33%0d%0a2e0265bd650/styles/scripts/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:26:54 GMT
Server: Apache
Location: http://fastdial.net/aec33
2e0265bd650/styles/scripts/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2102. https://fastdial.net/static/styles/scripts/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d5fb2%0d%0a20d47cbf093 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d5fb2%0d%0a20d47cbf093/scripts/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:28:27 GMT
Server: Apache
Location: http://fastdial.net/static/d5fb2
20d47cbf093/scripts/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2103. https://fastdial.net/static/styles/scripts/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload dd153%0d%0a9d340939d7e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/dd153%0d%0a9d340939d7e/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:28:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/dd153
9d340939d7e/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2104. https://fastdial.net/static/styles/scripts/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload bb910%0d%0a3fe908e8d9d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/bb910%0d%0a3fe908e8d9d/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:28:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/bb910
3fe908e8d9d/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2105. https://fastdial.net/static/styles/scripts/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3a040%0d%0af6557570e46 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/3a040%0d%0af6557570e46/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:29:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/3a040
f6557570e46/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2106. https://fastdial.net/static/styles/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload add3f%0d%0aec8a9cef629 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /add3f%0d%0aec8a9cef629/styles/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:19 GMT
Server: Apache
Location: http://fastdial.net/add3f
ec8a9cef629/styles/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2107. https://fastdial.net/static/styles/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6ca49%0d%0a7856f7d68e4 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6ca49%0d%0a7856f7d68e4/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:41 GMT
Server: Apache
Location: http://fastdial.net/static/6ca49
7856f7d68e4/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2108. https://fastdial.net/static/styles/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ab742%0d%0aa4bb2533969 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ab742%0d%0aa4bb2533969/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:35:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ab742
a4bb2533969/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2109. https://fastdial.net/static/styles/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 40824%0d%0ac1b3c16574b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/40824%0d%0ac1b3c16574b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:36:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/40824
c1b3c16574b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2110. https://fastdial.net/static/styles/scripts/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 119b7%0d%0a1a4a142fe27 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /119b7%0d%0a1a4a142fe27/styles/scripts/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:22:50 GMT
Server: Apache
Location: http://fastdial.net/119b7
1a4a142fe27/styles/scripts/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2111. https://fastdial.net/static/styles/scripts/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5a804%0d%0a07790d26de6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5a804%0d%0a07790d26de6/scripts/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:25:13 GMT
Server: Apache
Location: http://fastdial.net/static/5a804
07790d26de6/scripts/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2112. https://fastdial.net/static/styles/scripts/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b2303%0d%0a9b85d65c50e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b2303%0d%0a9b85d65c50e/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:25:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b2303
9b85d65c50e/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2113. https://fastdial.net/static/styles/scripts/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b8d60%0d%0af334da4eca2 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/b8d60%0d%0af334da4eca2/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:25:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/b8d60
f334da4eca2/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2114. https://fastdial.net/static/styles/scripts/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6b3d2%0d%0ade77251abe2 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/6b3d2%0d%0ade77251abe2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:26:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/6b3d2
de77251abe2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2115. https://fastdial.net/static/styles/scripts/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8f813%0d%0a51390cf13e2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /8f813%0d%0a51390cf13e2/styles/scripts/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:21:50 GMT
Server: Apache
Location: http://fastdial.net/8f813
51390cf13e2/styles/scripts/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2116. https://fastdial.net/static/styles/scripts/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ba1bd%0d%0a516906d0848 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ba1bd%0d%0a516906d0848/scripts/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:22:07 GMT
Server: Apache
Location: http://fastdial.net/static/ba1bd
516906d0848/scripts/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2117. https://fastdial.net/static/styles/scripts/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 67797%0d%0ac3bf1caebfe was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/67797%0d%0ac3bf1caebfe/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:23:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/67797
c3bf1caebfe/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2118. https://fastdial.net/static/styles/scripts/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload af802%0d%0a96ff12a9974 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/af802%0d%0a96ff12a9974/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:23:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/af802
96ff12a9974/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2119. https://fastdial.net/static/styles/scripts/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload d4262%0d%0a511924bf067 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/d4262%0d%0a511924bf067/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:24:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/d4262
511924bf067/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2120. https://fastdial.net/static/styles/scripts/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 19490%0d%0a9d47ddf79b1 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/styles/19490%0d%0a9d47ddf79b1/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:25:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/styles/19490
9d47ddf79b1/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2121. https://fastdial.net/static/styles/scripts/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2e007%0d%0acb5c7e504e3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2e007%0d%0acb5c7e504e3/styles/scripts/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:22:26 GMT
Server: Apache
Location: http://fastdial.net/2e007
cb5c7e504e3/styles/scripts/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2122. https://fastdial.net/static/styles/scripts/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8be79%0d%0a6787adddbbc was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8be79%0d%0a6787adddbbc/scripts/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:22:40 GMT
Server: Apache
Location: http://fastdial.net/static/8be79
6787adddbbc/scripts/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2123. https://fastdial.net/static/styles/scripts/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 60a0b%0d%0a2a27844914e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/60a0b%0d%0a2a27844914e/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:25:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/60a0b
2a27844914e/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2124. https://fastdial.net/static/styles/scripts/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload db0b2%0d%0a3095a54f7d5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/db0b2%0d%0a3095a54f7d5/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:25:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/db0b2
3095a54f7d5/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2125. https://fastdial.net/static/styles/scripts/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload fc346%0d%0ac16f99cb4c0 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/images/fc346%0d%0ac16f99cb4c0/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:25:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/images/fc346
c16f99cb4c0/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2126. https://fastdial.net/static/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload edac3%0d%0af9899c1e708 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /edac3%0d%0af9899c1e708/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:32:28 GMT
Server: Apache
Location: http://fastdial.net/edac3
f9899c1e708/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2127. https://fastdial.net/static/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a66e5%0d%0abfe8025d082 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a66e5%0d%0abfe8025d082/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:32:56 GMT
Server: Apache
Location: http://fastdial.net/static/a66e5
bfe8025d082/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2128. https://fastdial.net/static/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5825e%0d%0a85e346fc532 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5825e%0d%0a85e346fc532/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:33:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5825e
85e346fc532/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2129. https://fastdial.net/static/styles/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload be61d%0d%0a4115497e5c3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /be61d%0d%0a4115497e5c3/styles/scripts/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:17:51 GMT
Server: Apache
Location: http://fastdial.net/be61d
4115497e5c3/styles/scripts/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2130. https://fastdial.net/static/styles/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3fea1%0d%0a1f3b6795232 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3fea1%0d%0a1f3b6795232/scripts/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:18:02 GMT
Server: Apache
Location: http://fastdial.net/static/3fea1
1f3b6795232/scripts/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2131. https://fastdial.net/static/styles/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 71746%0d%0a2e1bab1f146 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/71746%0d%0a2e1bab1f146/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:18:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/71746
2e1bab1f146/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2132. https://fastdial.net/static/styles/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a1799%0d%0a3e784e19026 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/a1799%0d%0a3e784e19026/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:18:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/a1799
3e784e19026/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2133. https://fastdial.net/static/styles/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 9f643%0d%0ad7896416664 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/scripts/9f643%0d%0ad7896416664/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:19:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/scripts/9f643
d7896416664/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2134. https://fastdial.net/static/styles/scripts/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 5949e%0d%0adb9198a00ee was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/scripts/images/5949e%0d%0adb9198a00ee/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:19:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/scripts/images/5949e
db9198a00ee/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2135. https://fastdial.net/static/styles/scripts/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2b9e1%0d%0a81b0f91c20a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2b9e1%0d%0a81b0f91c20a/styles/scripts/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:17:35 GMT
Server: Apache
Location: http://fastdial.net/2b9e1
81b0f91c20a/styles/scripts/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2136. https://fastdial.net/static/styles/scripts/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b4ef6%0d%0a149a8f53379 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b4ef6%0d%0a149a8f53379/scripts/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:18:05 GMT
Server: Apache
Location: http://fastdial.net/static/b4ef6
149a8f53379/scripts/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2137. https://fastdial.net/static/styles/scripts/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 44112%0d%0aab316e66620 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/44112%0d%0aab316e66620/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:18:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/44112
ab316e66620/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2138. https://fastdial.net/static/styles/scripts/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload f6e90%0d%0ae6f80ab3cce was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/f6e90%0d%0ae6f80ab3cce/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:19:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/f6e90
e6f80ab3cce/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2139. https://fastdial.net/static/styles/scripts/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload deef9%0d%0aafc7670dbe0 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/scripts/deef9%0d%0aafc7670dbe0/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:19:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/scripts/deef9
afc7670dbe0/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2140. https://fastdial.net/static/styles/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e7fc8%0d%0ab2e68ca1641 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e7fc8%0d%0ab2e68ca1641/styles/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:32:31 GMT
Server: Apache
Location: http://fastdial.net/e7fc8
b2e68ca1641/styles/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2141. https://fastdial.net/static/styles/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 71310%0d%0a8e192a92a1b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/71310%0d%0a8e192a92a1b/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:33:04 GMT
Server: Apache
Location: http://fastdial.net/static/71310
8e192a92a1b/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2142. https://fastdial.net/static/styles/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a49b7%0d%0a3e421c5f443 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a49b7%0d%0a3e421c5f443/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:33:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a49b7
3e421c5f443/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2143. https://fastdial.net/static/styles/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2e2a8%0d%0a6434c7137e8 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/2e2a8%0d%0a6434c7137e8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:33:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/2e2a8
6434c7137e8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2144. https://fastdial.net/static/styles/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 95b0b%0d%0a71282101b0d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /95b0b%0d%0a71282101b0d/styles/scripts/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:08 GMT
Server: Apache
Location: http://fastdial.net/95b0b
71282101b0d/styles/scripts/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2145. https://fastdial.net/static/styles/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1869f%0d%0a1741d24d9ba was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1869f%0d%0a1741d24d9ba/scripts/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:22 GMT
Server: Apache
Location: http://fastdial.net/static/1869f
1741d24d9ba/scripts/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2146. https://fastdial.net/static/styles/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5683b%0d%0a7ad19e7bbee was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5683b%0d%0a7ad19e7bbee/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5683b
7ad19e7bbee/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2147. https://fastdial.net/static/styles/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 7c509%0d%0a7b4b79b3426 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/7c509%0d%0a7b4b79b3426/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:17:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/7c509
7b4b79b3426/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2148. https://fastdial.net/static/styles/scripts/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 9330c%0d%0a3aa87ecd1ce was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/scripts/9330c%0d%0a3aa87ecd1ce/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:18:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/scripts/9330c
3aa87ecd1ce/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2149. https://fastdial.net/static/styles/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e2a43%0d%0aa2c1e4c38b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e2a43%0d%0aa2c1e4c38b/styles/scripts/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:14:49 GMT
Server: Apache
Location: http://fastdial.net/e2a43
a2c1e4c38b/styles/scripts/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2150. https://fastdial.net/static/styles/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6280b%0d%0ac8ba9017888 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6280b%0d%0ac8ba9017888/scripts/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:15:06 GMT
Server: Apache
Location: http://fastdial.net/static/6280b
c8ba9017888/scripts/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2151. https://fastdial.net/static/styles/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 96f44%0d%0a2c0e41a2033 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/96f44%0d%0a2c0e41a2033/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/96f44
2c0e41a2033/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2152. https://fastdial.net/static/styles/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5773e%0d%0a9a2561dad5c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/5773e%0d%0a9a2561dad5c/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/5773e
9a2561dad5c/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2153. https://fastdial.net/static/styles/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload be26a%0d%0afaebc773792 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/scripts/be26a%0d%0afaebc773792/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/scripts/be26a
faebc773792/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2154. https://fastdial.net/static/styles/scripts/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 6d083%0d%0a9499bb54ca6 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/scripts/styles/6d083%0d%0a9499bb54ca6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:17:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/scripts/styles/6d083
9499bb54ca6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2155. https://fastdial.net/static/styles/scripts/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6dcf4%0d%0ae480edd8101 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6dcf4%0d%0ae480edd8101/styles/scripts/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:15:22 GMT
Server: Apache
Location: http://fastdial.net/6dcf4
e480edd8101/styles/scripts/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2156. https://fastdial.net/static/styles/scripts/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 24058%0d%0a4930a633c5d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/24058%0d%0a4930a633c5d/scripts/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:16 GMT
Server: Apache
Location: http://fastdial.net/static/24058
4930a633c5d/scripts/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2157. https://fastdial.net/static/styles/scripts/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1d564%0d%0a8917ad9365f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1d564%0d%0a8917ad9365f/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1d564
8917ad9365f/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2158. https://fastdial.net/static/styles/scripts/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 77899%0d%0a383c0c0c50d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/77899%0d%0a383c0c0c50d/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/77899
383c0c0c50d/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2159. https://fastdial.net/static/styles/scripts/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload abd77%0d%0ae22d7a23862 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/scripts/abd77%0d%0ae22d7a23862/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:17:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/scripts/abd77
e22d7a23862/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2160. https://fastdial.net/static/styles/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2c116%0d%0a3f4b0b3f9f4 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2c116%0d%0a3f4b0b3f9f4/styles/scripts/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:09:36 GMT
Server: Apache
Location: http://fastdial.net/2c116
3f4b0b3f9f4/styles/scripts/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2161. https://fastdial.net/static/styles/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 233d7%0d%0acf921935a94 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/233d7%0d%0acf921935a94/scripts/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:10:15 GMT
Server: Apache
Location: http://fastdial.net/static/233d7
cf921935a94/scripts/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2162. https://fastdial.net/static/styles/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b7530%0d%0a10d6277fcb2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b7530%0d%0a10d6277fcb2/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:11:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b7530
10d6277fcb2/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2163. https://fastdial.net/static/styles/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6237d%0d%0ac4d54d2ca9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/6237d%0d%0ac4d54d2ca9/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:11:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/6237d
c4d54d2ca9/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2164. https://fastdial.net/static/styles/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 74725%0d%0a3cd9e6a5525 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/74725%0d%0a3cd9e6a5525/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:12:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/74725
3cd9e6a5525/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2165. https://fastdial.net/static/styles/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload fb10b%0d%0a3518d326261 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/common/fb10b%0d%0a3518d326261/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:12:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/common/fb10b
3518d326261/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2166. https://fastdial.net/static/styles/scripts/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 7e064%0d%0a86767d8c092 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/common/images/7e064%0d%0a86767d8c092/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:12:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/common/images/7e064
86767d8c092/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2167. https://fastdial.net/static/styles/scripts/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5e5b9%0d%0a6e19cf260a6 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5e5b9%0d%0a6e19cf260a6/styles/scripts/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:10:07 GMT
Server: Apache
Location: http://fastdial.net/5e5b9
6e19cf260a6/styles/scripts/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2168. https://fastdial.net/static/styles/scripts/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e230d%0d%0a862d340865c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e230d%0d%0a862d340865c/scripts/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:11:34 GMT
Server: Apache
Location: http://fastdial.net/static/e230d
862d340865c/scripts/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2169. https://fastdial.net/static/styles/scripts/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b64d5%0d%0af5de518e7e3 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b64d5%0d%0af5de518e7e3/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:11:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b64d5
f5de518e7e3/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2170. https://fastdial.net/static/styles/scripts/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 96b1f%0d%0a851d9135433 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/96b1f%0d%0a851d9135433/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:12:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/96b1f
851d9135433/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2171. https://fastdial.net/static/styles/scripts/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3d656%0d%0a12d6a4b0096 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/3d656%0d%0a12d6a4b0096/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:12:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/3d656
12d6a4b0096/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2172. https://fastdial.net/static/styles/scripts/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 127bb%0d%0a9965a2bd0bd was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/common/127bb%0d%0a9965a2bd0bd/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:12:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/common/127bb
9965a2bd0bd/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2173. https://fastdial.net/static/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1db02%0d%0afd203b8dcb1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1db02%0d%0afd203b8dcb1/styles/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:31:31 GMT
Server: Apache
Location: http://fastdial.net/1db02
fd203b8dcb1/styles/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2174. https://fastdial.net/static/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b0010%0d%0a8ad50764c90 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b0010%0d%0a8ad50764c90/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:32:31 GMT
Server: Apache
Location: http://fastdial.net/static/b0010
8ad50764c90/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2175. https://fastdial.net/static/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 486d9%0d%0ae07c79462a5 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/486d9%0d%0ae07c79462a5/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:32:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/486d9
e07c79462a5/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2176. https://fastdial.net/static/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload fb51f%0d%0a56cd5fff1e9 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/fb51f%0d%0a56cd5fff1e9/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:33:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/fb51f
56cd5fff1e9/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2177. https://fastdial.net/static/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 764e0%0d%0a513a3fd1bc6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/764e0%0d%0a513a3fd1bc6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:33:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/764e0
513a3fd1bc6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2178. https://fastdial.net/static/styles/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2424e%0d%0a6297877ea5a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2424e%0d%0a6297877ea5a/styles/scripts/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:08:24 GMT
Server: Apache
Location: http://fastdial.net/2424e
6297877ea5a/styles/scripts/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2179. https://fastdial.net/static/styles/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload dd3f0%0d%0a8a677bc9d0d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/dd3f0%0d%0a8a677bc9d0d/scripts/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:08:39 GMT
Server: Apache
Location: http://fastdial.net/static/dd3f0
8a677bc9d0d/scripts/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2180. https://fastdial.net/static/styles/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b39ca%0d%0a4bda3099b49 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b39ca%0d%0a4bda3099b49/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:09:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b39ca
4bda3099b49/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2181. https://fastdial.net/static/styles/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 89852%0d%0a16569b85284 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/89852%0d%0a16569b85284/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:09:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/89852
16569b85284/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2182. https://fastdial.net/static/styles/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5c813%0d%0af9a208f1cd6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/5c813%0d%0af9a208f1cd6/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:11:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/5c813
f9a208f1cd6/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2183. https://fastdial.net/static/styles/scripts/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload c18da%0d%0a09f626b38eb was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/common/c18da%0d%0a09f626b38eb/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:11:49 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/common/c18da
09f626b38eb/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2184. https://fastdial.net/static/styles/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 626db%0d%0a2b7f869bfe was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /626db%0d%0a2b7f869bfe/styles/scripts/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:12 GMT
Server: Apache
Location: http://fastdial.net/626db
2b7f869bfe/styles/scripts/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2185. https://fastdial.net/static/styles/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 17f55%0d%0a744ece0eca was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/17f55%0d%0a744ece0eca/scripts/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:27 GMT
Server: Apache
Location: http://fastdial.net/static/17f55
744ece0eca/scripts/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2186. https://fastdial.net/static/styles/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 7bbbf%0d%0a9b8ea892bc8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/7bbbf%0d%0a9b8ea892bc8/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/7bbbf
9b8ea892bc8/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2187. https://fastdial.net/static/styles/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 9f9c1%0d%0a21cadf5a3ae was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/9f9c1%0d%0a21cadf5a3ae/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/9f9c1
21cadf5a3ae/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2188. https://fastdial.net/static/styles/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b2ec2%0d%0ae43ac5eca73 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/b2ec2%0d%0ae43ac5eca73/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:08:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/b2ec2
e43ac5eca73/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2189. https://fastdial.net/static/styles/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 3d4c9%0d%0a6795abf3d87 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/common/3d4c9%0d%0a6795abf3d87/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:08:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/common/3d4c9
6795abf3d87/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2190. https://fastdial.net/static/styles/scripts/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 28e53%0d%0ab05ffaa0bed was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/common/styles/28e53%0d%0ab05ffaa0bed/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:08:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/common/styles/28e53
b05ffaa0bed/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2191. https://fastdial.net/static/styles/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 68eae%0d%0ab4f97ab20a8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /68eae%0d%0ab4f97ab20a8/styles/scripts/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:39 GMT
Server: Apache
Location: http://fastdial.net/68eae
b4f97ab20a8/styles/scripts/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2192. https://fastdial.net/static/styles/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e498b%0d%0afdae6e77b3c was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e498b%0d%0afdae6e77b3c/scripts/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:57 GMT
Server: Apache
Location: http://fastdial.net/static/e498b
fdae6e77b3c/scripts/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2193. https://fastdial.net/static/styles/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 560e2%0d%0aa90d0bcaf8b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/560e2%0d%0aa90d0bcaf8b/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:08:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/560e2
a90d0bcaf8b/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2194. https://fastdial.net/static/styles/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d74aa%0d%0acf467cbf24d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/d74aa%0d%0acf467cbf24d/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:08:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/d74aa
cf467cbf24d/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2195. https://fastdial.net/static/styles/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload cc8f7%0d%0ac05eb263ed9 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/cc8f7%0d%0ac05eb263ed9/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:08:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/cc8f7
c05eb263ed9/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2196. https://fastdial.net/static/styles/scripts/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 462c2%0d%0adc988de3f8 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/common/462c2%0d%0adc988de3f8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:08:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/common/462c2
dc988de3f8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2197. https://fastdial.net/static/styles/scripts/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5948a%0d%0a822e76b5d37 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5948a%0d%0a822e76b5d37/styles/scripts/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:14:28 GMT
Server: Apache
Location: http://fastdial.net/5948a
822e76b5d37/styles/scripts/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2198. https://fastdial.net/static/styles/scripts/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 616a9%0d%0a083381a0781 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/616a9%0d%0a083381a0781/scripts/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:14:47 GMT
Server: Apache
Location: http://fastdial.net/static/616a9
083381a0781/scripts/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2199. https://fastdial.net/static/styles/scripts/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ad459%0d%0a3890bbc0f29 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ad459%0d%0a3890bbc0f29/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:15:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ad459
3890bbc0f29/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2200. https://fastdial.net/static/styles/scripts/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload dfc31%0d%0af2bb1fa577d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/dfc31%0d%0af2bb1fa577d/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/dfc31
f2bb1fa577d/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2201. https://fastdial.net/static/styles/scripts/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c86cf%0d%0a4a083fdad12 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/c86cf%0d%0a4a083fdad12/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/c86cf
4a083fdad12/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2202. https://fastdial.net/static/styles/scripts/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 61be3%0d%0a1ec575e7816 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/images/61be3%0d%0a1ec575e7816/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/images/61be3
1ec575e7816/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2203. https://fastdial.net/static/styles/scripts/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ac894%0d%0aad4b529c7aa was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ac894%0d%0aad4b529c7aa/styles/scripts/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:14:39 GMT
Server: Apache
Location: http://fastdial.net/ac894
ad4b529c7aa/styles/scripts/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2204. https://fastdial.net/static/styles/scripts/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c4641%0d%0ab7136a046fa was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c4641%0d%0ab7136a046fa/scripts/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:14:58 GMT
Server: Apache
Location: http://fastdial.net/static/c4641
b7136a046fa/scripts/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2205. https://fastdial.net/static/styles/scripts/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 28bd7%0d%0a961f2d6b99 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/28bd7%0d%0a961f2d6b99/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:15:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/28bd7
961f2d6b99/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2206. https://fastdial.net/static/styles/scripts/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 17ba4%0d%0a64ef177d569 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/17ba4%0d%0a64ef177d569/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/17ba4
64ef177d569/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2207. https://fastdial.net/static/styles/scripts/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 4fb79%0d%0ab82980837d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/4fb79%0d%0ab82980837d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:16:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/4fb79
b82980837d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2208. https://fastdial.net/static/styles/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6c299%0d%0aad803edc062 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6c299%0d%0aad803edc062/styles/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:31:56 GMT
Server: Apache
Location: http://fastdial.net/6c299
ad803edc062/styles/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2209. https://fastdial.net/static/styles/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3a963%0d%0afa959330474 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3a963%0d%0afa959330474/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:32:57 GMT
Server: Apache
Location: http://fastdial.net/static/3a963
fa959330474/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2210. https://fastdial.net/static/styles/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 966c1%0d%0a36cb6da648e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/966c1%0d%0a36cb6da648e/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:33:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/966c1
36cb6da648e/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2211. https://fastdial.net/static/styles/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1f8b3%0d%0a01ece810e6c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/1f8b3%0d%0a01ece810e6c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:33:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/1f8b3
01ece810e6c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2212. https://fastdial.net/static/styles/scripts/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a1325%0d%0aaef45dbb1be was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a1325%0d%0aaef45dbb1be/styles/scripts/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:13:20 GMT
Server: Apache
Location: http://fastdial.net/a1325
aef45dbb1be/styles/scripts/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2213. https://fastdial.net/static/styles/scripts/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e46a5%0d%0a1b7b0537f49 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e46a5%0d%0a1b7b0537f49/scripts/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:13:41 GMT
Server: Apache
Location: http://fastdial.net/static/e46a5
1b7b0537f49/scripts/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2214. https://fastdial.net/static/styles/scripts/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ef1f5%0d%0a9faf1f3561e was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ef1f5%0d%0a9faf1f3561e/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:13:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ef1f5
9faf1f3561e/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2215. https://fastdial.net/static/styles/scripts/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d5c32%0d%0af66b32ee79a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/d5c32%0d%0af66b32ee79a/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:14:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/d5c32
f66b32ee79a/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2216. https://fastdial.net/static/styles/scripts/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 63b44%0d%0ac724092e3d2 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/63b44%0d%0ac724092e3d2/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:14:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/63b44
c724092e3d2/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2217. https://fastdial.net/static/styles/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c14c6%0d%0a87335d5fccd was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c14c6%0d%0a87335d5fccd/styles/scripts/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:10:29 GMT
Server: Apache
Location: http://fastdial.net/c14c6
87335d5fccd/styles/scripts/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2218. https://fastdial.net/static/styles/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 541b6%0d%0ad13554d02e7 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/541b6%0d%0ad13554d02e7/scripts/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:11:43 GMT
Server: Apache
Location: http://fastdial.net/static/541b6
d13554d02e7/scripts/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2219. https://fastdial.net/static/styles/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 541c7%0d%0aad9df27cfd4 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/541c7%0d%0aad9df27cfd4/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:11:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/541c7
ad9df27cfd4/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2220. https://fastdial.net/static/styles/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 538b9%0d%0a15e3054a9f5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/538b9%0d%0a15e3054a9f5/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:12:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/538b9
15e3054a9f5/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2221. https://fastdial.net/static/styles/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2a885%0d%0ac00095f2941 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/2a885%0d%0ac00095f2941/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:12:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/2a885
c00095f2941/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2222. https://fastdial.net/static/styles/scripts/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a9cd6%0d%0aece74bc74f0 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/styles/a9cd6%0d%0aece74bc74f0/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:12:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/styles/a9cd6
ece74bc74f0/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2223. https://fastdial.net/static/styles/scripts/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3ffaa%0d%0a94ac2e6a803 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3ffaa%0d%0a94ac2e6a803/styles/scripts/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:10:53 GMT
Server: Apache
Location: http://fastdial.net/3ffaa
94ac2e6a803/styles/scripts/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2224. https://fastdial.net/static/styles/scripts/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 98279%0d%0a8a5ee918732 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/98279%0d%0a8a5ee918732/scripts/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:11:44 GMT
Server: Apache
Location: http://fastdial.net/static/98279
8a5ee918732/scripts/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2225. https://fastdial.net/static/styles/scripts/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 11c7b%0d%0aeb543bea1d6 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/11c7b%0d%0aeb543bea1d6/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:11:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/11c7b
eb543bea1d6/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2226. https://fastdial.net/static/styles/scripts/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 71023%0d%0a522036e9a40 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/71023%0d%0a522036e9a40/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:12:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/71023
522036e9a40/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2227. https://fastdial.net/static/styles/scripts/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/scripts/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 78576%0d%0a9287ae8a522 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/scripts/styles/78576%0d%0a9287ae8a522/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:12:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/scripts/styles/78576
9287ae8a522/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2228. https://fastdial.net/static/styles/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fff00%0d%0ada76001acff was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fff00%0d%0ada76001acff/styles/styles/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:47:11 GMT
Server: Apache
Location: http://fastdial.net/fff00
da76001acff/styles/styles/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2229. https://fastdial.net/static/styles/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a0d45%0d%0a3563b0a7c50 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a0d45%0d%0a3563b0a7c50/styles/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:47:21 GMT
Server: Apache
Location: http://fastdial.net/static/a0d45
3563b0a7c50/styles/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2230. https://fastdial.net/static/styles/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 84f6c%0d%0ac2d518d8ec7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/84f6c%0d%0ac2d518d8ec7/common/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:47:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/84f6c
c2d518d8ec7/common/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2231. https://fastdial.net/static/styles/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 1af28%0d%0aee2d5702f5a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/1af28%0d%0aee2d5702f5a/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:47:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/1af28
ee2d5702f5a/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2232. https://fastdial.net/static/styles/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ec7e1%0d%0abd1cad3eacb was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/ec7e1%0d%0abd1cad3eacb/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/ec7e1
bd1cad3eacb/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2233. https://fastdial.net/static/styles/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 21aba%0d%0a161e3b54a87 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/21aba%0d%0a161e3b54a87/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/21aba
161e3b54a87/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2234. https://fastdial.net/static/styles/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d19eb%0d%0aae6b862e7ad was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/common/d19eb%0d%0aae6b862e7ad/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/common/d19eb
ae6b862e7ad/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2235. https://fastdial.net/static/styles/styles/common/images/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload d1718%0d%0ad3ce274c12b was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/common/images/d1718%0d%0ad3ce274c12b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/common/images/d1718
d3ce274c12b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2236. https://fastdial.net/static/styles/styles/common/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 4fdc5%0d%0ace5f7f9a649 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /4fdc5%0d%0ace5f7f9a649/styles/styles/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:47:44 GMT
Server: Apache
Location: http://fastdial.net/4fdc5
ce5f7f9a649/styles/styles/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2237. https://fastdial.net/static/styles/styles/common/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f465b%0d%0a48938540fd3 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f465b%0d%0a48938540fd3/styles/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:01 GMT
Server: Apache
Location: http://fastdial.net/static/f465b
48938540fd3/styles/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2238. https://fastdial.net/static/styles/styles/common/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 982b3%0d%0a8186f0ae115 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/982b3%0d%0a8186f0ae115/common/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/982b3
8186f0ae115/common/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2239. https://fastdial.net/static/styles/styles/common/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 3e07a%0d%0a401c6a4fe38 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/3e07a%0d%0a401c6a4fe38/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/3e07a
401c6a4fe38/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2240. https://fastdial.net/static/styles/styles/common/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 965b7%0d%0a28d99c473c0 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/965b7%0d%0a28d99c473c0/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/965b7
28d99c473c0/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2241. https://fastdial.net/static/styles/styles/common/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a6b11%0d%0a1c61d96fe73 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/a6b11%0d%0a1c61d96fe73/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/a6b11
1c61d96fe73/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2242. https://fastdial.net/static/styles/styles/common/images/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload c1fb9%0d%0a322e88c9800 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/common/c1fb9%0d%0a322e88c9800/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/common/c1fb9
322e88c9800/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2243. https://fastdial.net/static/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload d9160%0d%0a5120a0fd8f3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /d9160%0d%0a5120a0fd8f3/styles/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:22:07 GMT
Server: Apache
Location: http://fastdial.net/d9160
5120a0fd8f3/styles/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2244. https://fastdial.net/static/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5c565%0d%0ab44eb3f6127 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5c565%0d%0ab44eb3f6127/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:24:29 GMT
Server: Apache
Location: http://fastdial.net/static/5c565
b44eb3f6127/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2245. https://fastdial.net/static/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f7df4%0d%0a29cd58eef60 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f7df4%0d%0a29cd58eef60/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:24:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f7df4
29cd58eef60/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2246. https://fastdial.net/static/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d1e41%0d%0a4f69671452c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/d1e41%0d%0a4f69671452c/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:25:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/d1e41
4f69671452c/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2247. https://fastdial.net/static/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a607a%0d%0a4629aaddbb4 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/a607a%0d%0a4629aaddbb4/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:26:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/a607a
4629aaddbb4/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2248. https://fastdial.net/static/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload cf98b%0d%0a012bb47fa3e was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/cf98b%0d%0a012bb47fa3e/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:26:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/cf98b
012bb47fa3e/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2249. https://fastdial.net/static/styles/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fed7c%0d%0a86e7d2732f2 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fed7c%0d%0a86e7d2732f2/styles/styles/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:45:47 GMT
Server: Apache
Location: http://fastdial.net/fed7c
86e7d2732f2/styles/styles/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2250. https://fastdial.net/static/styles/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4ce8c%0d%0a86f01bd683e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4ce8c%0d%0a86f01bd683e/styles/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:04 GMT
Server: Apache
Location: http://fastdial.net/static/4ce8c
86f01bd683e/styles/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2251. https://fastdial.net/static/styles/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b0e04%0d%0a5ac61e7fa64 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b0e04%0d%0a5ac61e7fa64/common/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b0e04
5ac61e7fa64/common/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2252. https://fastdial.net/static/styles/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 5faee%0d%0a8c4df4eaad3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/5faee%0d%0a8c4df4eaad3/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/5faee
8c4df4eaad3/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2253. https://fastdial.net/static/styles/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b7839%0d%0ad2a0077417e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/b7839%0d%0ad2a0077417e/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/b7839
d2a0077417e/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2254. https://fastdial.net/static/styles/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 5d144%0d%0a68207fd4915 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/5d144%0d%0a68207fd4915/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/5d144
68207fd4915/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2255. https://fastdial.net/static/styles/styles/common/images/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 47f1a%0d%0a562aa18cae3 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/common/47f1a%0d%0a562aa18cae3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:47:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/common/47f1a
562aa18cae3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2256. https://fastdial.net/static/styles/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload bd946%0d%0afcc8c68cee6 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /bd946%0d%0afcc8c68cee6/styles/styles/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:45:35 GMT
Server: Apache
Location: http://fastdial.net/bd946
fcc8c68cee6/styles/styles/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2257. https://fastdial.net/static/styles/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c0dd3%0d%0af7d1ff6d7ad was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c0dd3%0d%0af7d1ff6d7ad/styles/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:45:46 GMT
Server: Apache
Location: http://fastdial.net/static/c0dd3
f7d1ff6d7ad/styles/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2258. https://fastdial.net/static/styles/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5013e%0d%0ad761f17b2af was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5013e%0d%0ad761f17b2af/common/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5013e
d761f17b2af/common/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2259. https://fastdial.net/static/styles/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 59d5c%0d%0a446427c1465 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/59d5c%0d%0a446427c1465/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/59d5c
446427c1465/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2260. https://fastdial.net/static/styles/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 463f2%0d%0aef7d1c495eb was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/463f2%0d%0aef7d1c495eb/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/463f2
ef7d1c495eb/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2261. https://fastdial.net/static/styles/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7f82b%0d%0ab0b4aec1fa2 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/7f82b%0d%0ab0b4aec1fa2/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/7f82b
b0b4aec1fa2/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2262. https://fastdial.net/static/styles/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload dc84b%0d%0ad39e3f7a378 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/common/dc84b%0d%0ad39e3f7a378/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:47:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/common/dc84b
d39e3f7a378/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2263. https://fastdial.net/static/styles/styles/common/images/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload c3e80%0d%0a47827fe2f8d was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/common/styles/c3e80%0d%0a47827fe2f8d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:47:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/common/styles/c3e80
47827fe2f8d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2264. https://fastdial.net/static/styles/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 862b3%0d%0a73ffdf83ac0 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /862b3%0d%0a73ffdf83ac0/styles/styles/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:45:45 GMT
Server: Apache
Location: http://fastdial.net/862b3
73ffdf83ac0/styles/styles/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2265. https://fastdial.net/static/styles/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c183d%0d%0a01db5beea7d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c183d%0d%0a01db5beea7d/styles/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:45:58 GMT
Server: Apache
Location: http://fastdial.net/static/c183d
01db5beea7d/styles/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2266. https://fastdial.net/static/styles/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 4710b%0d%0a1cf2531428 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/4710b%0d%0a1cf2531428/common/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/4710b
1cf2531428/common/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2267. https://fastdial.net/static/styles/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload bfde5%0d%0af6040f1ff23 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/bfde5%0d%0af6040f1ff23/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/bfde5
f6040f1ff23/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2268. https://fastdial.net/static/styles/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3271a%0d%0ad98a1a86247 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/3271a%0d%0ad98a1a86247/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/3271a
d98a1a86247/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2269. https://fastdial.net/static/styles/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 6693a%0d%0ac113cf94df5 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/6693a%0d%0ac113cf94df5/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:46:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/6693a
c113cf94df5/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2270. https://fastdial.net/static/styles/styles/common/images/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 6dca1%0d%0ab375849cd5c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/common/6dca1%0d%0ab375849cd5c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:47:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/common/6dca1
b375849cd5c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2271. https://fastdial.net/static/styles/styles/common/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c178a%0d%0aa1ebc7dba3 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c178a%0d%0aa1ebc7dba3/styles/styles/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:50:21 GMT
Server: Apache
Location: http://fastdial.net/c178a
a1ebc7dba3/styles/styles/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2272. https://fastdial.net/static/styles/styles/common/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 56306%0d%0a1f130cf5477 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/56306%0d%0a1f130cf5477/styles/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:50:36 GMT
Server: Apache
Location: http://fastdial.net/static/56306
1f130cf5477/styles/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2273. https://fastdial.net/static/styles/styles/common/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 2abc8%0d%0ae103ac60f4 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/2abc8%0d%0ae103ac60f4/common/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:50:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/2abc8
e103ac60f4/common/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2274. https://fastdial.net/static/styles/styles/common/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 3d916%0d%0ab87f3da2159 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/3d916%0d%0ab87f3da2159/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/3d916
b87f3da2159/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2275. https://fastdial.net/static/styles/styles/common/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 8d956%0d%0a43cc85c5ecb was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/8d956%0d%0a43cc85c5ecb/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:15 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/8d956
43cc85c5ecb/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2276. https://fastdial.net/static/styles/styles/common/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 419ca%0d%0a35d4ab86220 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/419ca%0d%0a35d4ab86220/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/419ca
35d4ab86220/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2277. https://fastdial.net/static/styles/styles/common/images/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload dd229%0d%0ad85cdb3208c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/images/dd229%0d%0ad85cdb3208c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/images/dd229
d85cdb3208c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2278. https://fastdial.net/static/styles/styles/common/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload d7653%0d%0a280a75214c7 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /d7653%0d%0a280a75214c7/styles/styles/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:50:57 GMT
Server: Apache
Location: http://fastdial.net/d7653
280a75214c7/styles/styles/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2279. https://fastdial.net/static/styles/styles/common/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2df5d%0d%0a778ae5dc211 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2df5d%0d%0a778ae5dc211/styles/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:08 GMT
Server: Apache
Location: http://fastdial.net/static/2df5d
778ae5dc211/styles/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2280. https://fastdial.net/static/styles/styles/common/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 574b6%0d%0a5633f41b9b2 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/574b6%0d%0a5633f41b9b2/common/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/574b6
5633f41b9b2/common/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2281. https://fastdial.net/static/styles/styles/common/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload bde82%0d%0a2b6a36d455e was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/bde82%0d%0a2b6a36d455e/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/bde82
2b6a36d455e/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2282. https://fastdial.net/static/styles/styles/common/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 6caaa%0d%0a5086833dc5b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/6caaa%0d%0a5086833dc5b/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/6caaa
5086833dc5b/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2283. https://fastdial.net/static/styles/styles/common/images/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload ace22%0d%0acd531127ce1 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/ace22%0d%0acd531127ce1/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/ace22
cd531127ce1/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2284. https://fastdial.net/static/styles/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload c2a76%0d%0a4da77684d22 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /c2a76%0d%0a4da77684d22/styles/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:22:20 GMT
Server: Apache
Location: http://fastdial.net/c2a76
4da77684d22/styles/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2285. https://fastdial.net/static/styles/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 776bd%0d%0a1909a393920 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/776bd%0d%0a1909a393920/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:24:18 GMT
Server: Apache
Location: http://fastdial.net/static/776bd
1909a393920/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2286. https://fastdial.net/static/styles/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 2e592%0d%0a5ebf29c13df was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/2e592%0d%0a5ebf29c13df/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:24:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/2e592
5ebf29c13df/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2287. https://fastdial.net/static/styles/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 61d06%0d%0a194ee38a9e7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/61d06%0d%0a194ee38a9e7/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:25:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/61d06
194ee38a9e7/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2288. https://fastdial.net/static/styles/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 37bdd%0d%0a31257f71676 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/37bdd%0d%0a31257f71676/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:25:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/37bdd
31257f71676/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2289. https://fastdial.net/static/styles/styles/common/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f06dc%0d%0a3d690615e18 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f06dc%0d%0a3d690615e18/styles/styles/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:22 GMT
Server: Apache
Location: http://fastdial.net/f06dc
3d690615e18/styles/styles/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2290. https://fastdial.net/static/styles/styles/common/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5c0dd%0d%0a4de643d169b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5c0dd%0d%0a4de643d169b/styles/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:34 GMT
Server: Apache
Location: http://fastdial.net/static/5c0dd
4de643d169b/styles/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2291. https://fastdial.net/static/styles/styles/common/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload dc8f6%0d%0aac322b38615 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/dc8f6%0d%0aac322b38615/common/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/dc8f6
ac322b38615/common/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2292. https://fastdial.net/static/styles/styles/common/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 350d9%0d%0afb792f183c3 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/350d9%0d%0afb792f183c3/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:50:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/350d9
fb792f183c3/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2293. https://fastdial.net/static/styles/styles/common/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f35cf%0d%0aa89ba5d57d4 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/f35cf%0d%0aa89ba5d57d4/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:50:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/f35cf
a89ba5d57d4/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2294. https://fastdial.net/static/styles/styles/common/images/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b1489%0d%0a5c61af3446a was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/b1489%0d%0a5c61af3446a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:50:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/b1489
5c61af3446a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2295. https://fastdial.net/static/styles/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9f507%0d%0a15220ad153c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9f507%0d%0a15220ad153c/styles/styles/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:01 GMT
Server: Apache
Location: http://fastdial.net/9f507
15220ad153c/styles/styles/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2296. https://fastdial.net/static/styles/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4e43f%0d%0afb654d985e0 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4e43f%0d%0afb654d985e0/styles/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:19 GMT
Server: Apache
Location: http://fastdial.net/static/4e43f
fb654d985e0/styles/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2297. https://fastdial.net/static/styles/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 74c1c%0d%0a47a3cce3edf was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/74c1c%0d%0a47a3cce3edf/common/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/74c1c
47a3cce3edf/common/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2298. https://fastdial.net/static/styles/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 67bd5%0d%0afe699afd975 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/67bd5%0d%0afe699afd975/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/67bd5
fe699afd975/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2299. https://fastdial.net/static/styles/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1030e%0d%0a01dd182144 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/1030e%0d%0a01dd182144/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/1030e
01dd182144/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2300. https://fastdial.net/static/styles/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 72a14%0d%0aca9708f1f26 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/72a14%0d%0aca9708f1f26/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/72a14
ca9708f1f26/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2301. https://fastdial.net/static/styles/styles/common/images/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 88b9f%0d%0abcc32e4648f was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/styles/88b9f%0d%0abcc32e4648f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/styles/88b9f
bcc32e4648f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2302. https://fastdial.net/static/styles/styles/common/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 768cf%0d%0a4239b687e5a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /768cf%0d%0a4239b687e5a/styles/styles/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:48:51 GMT
Server: Apache
Location: http://fastdial.net/768cf
4239b687e5a/styles/styles/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2303. https://fastdial.net/static/styles/styles/common/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 108f7%0d%0a5f581255ea3 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/108f7%0d%0a5f581255ea3/styles/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:05 GMT
Server: Apache
Location: http://fastdial.net/static/108f7
5f581255ea3/styles/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2304. https://fastdial.net/static/styles/styles/common/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b2c88%0d%0a63cc421a2b8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b2c88%0d%0a63cc421a2b8/common/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b2c88
63cc421a2b8/common/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2305. https://fastdial.net/static/styles/styles/common/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 56768%0d%0a77656c140da was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/56768%0d%0a77656c140da/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/56768
77656c140da/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2306. https://fastdial.net/static/styles/styles/common/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 259b1%0d%0a02d63477ef5 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/259b1%0d%0a02d63477ef5/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:49:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/259b1
02d63477ef5/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2307. https://fastdial.net/static/styles/styles/common/images/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload f975d%0d%0ad27c5cb50fa was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/images/f975d%0d%0ad27c5cb50fa/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:50:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/images/f975d
d27c5cb50fa/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2308. https://fastdial.net/static/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 84a4d%0d%0a01b5e23433 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /84a4d%0d%0a01b5e23433/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:21:25 GMT
Server: Apache
Location: http://fastdial.net/84a4d
01b5e23433/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2309. https://fastdial.net/static/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2aa5d%0d%0a2c7cf2ebf94 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2aa5d%0d%0a2c7cf2ebf94/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:21:42 GMT
Server: Apache
Location: http://fastdial.net/static/2aa5d
2c7cf2ebf94/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2310. https://fastdial.net/static/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload a6f2e%0d%0ab85b8dde091 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/a6f2e%0d%0ab85b8dde091/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:23:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/a6f2e
b85b8dde091/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2311. https://fastdial.net/static/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6811c%0d%0ab1ec46f8a5d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/6811c%0d%0ab1ec46f8a5d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:24:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/6811c
b1ec46f8a5d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2312. https://fastdial.net/static/styles/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 40e42%0d%0a180277f7d8b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /40e42%0d%0a180277f7d8b/styles/styles/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:44:16 GMT
Server: Apache
Location: http://fastdial.net/40e42
180277f7d8b/styles/styles/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2313. https://fastdial.net/static/styles/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2b8b6%0d%0acf281ca3574 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2b8b6%0d%0acf281ca3574/styles/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:44:29 GMT
Server: Apache
Location: http://fastdial.net/static/2b8b6
cf281ca3574/styles/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2314. https://fastdial.net/static/styles/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c2f37%0d%0a1f707b1a893 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/c2f37%0d%0a1f707b1a893/common/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:44:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/c2f37
1f707b1a893/common/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2315. https://fastdial.net/static/styles/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 37876%0d%0a160ffe16d6c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/37876%0d%0a160ffe16d6c/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:44:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/37876
160ffe16d6c/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2316. https://fastdial.net/static/styles/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b8ba2%0d%0a630f1314484 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/b8ba2%0d%0a630f1314484/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:45:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/b8ba2
630f1314484/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2317. https://fastdial.net/static/styles/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload f45ef%0d%0aec7f50a48dc was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/scripts/f45ef%0d%0aec7f50a48dc/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:45:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/scripts/f45ef
ec7f50a48dc/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2318. https://fastdial.net/static/styles/styles/common/scripts/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload e6699%0d%0a9191610e23d was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/scripts/images/e6699%0d%0a9191610e23d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:45:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/scripts/images/e6699
9191610e23d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2319. https://fastdial.net/static/styles/styles/common/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 9f234%0d%0a242e66052bb was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /9f234%0d%0a242e66052bb/styles/styles/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:44:23 GMT
Server: Apache
Location: http://fastdial.net/9f234
242e66052bb/styles/styles/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2320. https://fastdial.net/static/styles/styles/common/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3306f%0d%0aadaf1c51a5b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3306f%0d%0aadaf1c51a5b/styles/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:44:33 GMT
Server: Apache
Location: http://fastdial.net/static/3306f
adaf1c51a5b/styles/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2321. https://fastdial.net/static/styles/styles/common/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 6ef0e%0d%0a46904bd0dd1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/6ef0e%0d%0a46904bd0dd1/common/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:44:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/6ef0e
46904bd0dd1/common/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2322. https://fastdial.net/static/styles/styles/common/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a8243%0d%0a108b94abed5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/a8243%0d%0a108b94abed5/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:45:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/a8243
108b94abed5/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2323. https://fastdial.net/static/styles/styles/common/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 9476b%0d%0a435339019a6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/9476b%0d%0a435339019a6/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:45:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/9476b
435339019a6/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2324. https://fastdial.net/static/styles/styles/common/scripts/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a607c%0d%0ab13a1a601c8 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/scripts/a607c%0d%0ab13a1a601c8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:45:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/scripts/a607c
b13a1a601c8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2325. https://fastdial.net/static/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a399e%0d%0ab55924457eb was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a399e%0d%0ab55924457eb/styles/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:21:22 GMT
Server: Apache
Location: http://fastdial.net/a399e
b55924457eb/styles/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2326. https://fastdial.net/static/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload a0268%0d%0a98de66b514f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/a0268%0d%0a98de66b514f/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:24:19 GMT
Server: Apache
Location: http://fastdial.net/static/a0268
98de66b514f/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2327. https://fastdial.net/static/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 302c1%0d%0ab229a77ea6d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/302c1%0d%0ab229a77ea6d/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:24:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/302c1
b229a77ea6d/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2328. https://fastdial.net/static/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 25905%0d%0a951b3ac403f was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/25905%0d%0a951b3ac403f/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:25:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/25905
951b3ac403f/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2329. https://fastdial.net/static/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 67450%0d%0a46bb63e1af0 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/67450%0d%0a46bb63e1af0/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:26:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/67450
46bb63e1af0/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2330. https://fastdial.net/static/styles/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f399d%0d%0a460abe97b8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f399d%0d%0a460abe97b8/styles/styles/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:32 GMT
Server: Apache
Location: http://fastdial.net/f399d
460abe97b8/styles/styles/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2331. https://fastdial.net/static/styles/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 479e6%0d%0aaacef2c1940 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/479e6%0d%0aaacef2c1940/styles/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:45 GMT
Server: Apache
Location: http://fastdial.net/static/479e6
aacef2c1940/styles/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2332. https://fastdial.net/static/styles/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f32dc%0d%0ada7a21ef416 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f32dc%0d%0ada7a21ef416/common/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f32dc
da7a21ef416/common/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2333. https://fastdial.net/static/styles/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4b864%0d%0a265678e27ca was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/4b864%0d%0a265678e27ca/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:43:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/4b864
265678e27ca/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2334. https://fastdial.net/static/styles/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 7bd45%0d%0a2f340dfa295 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/7bd45%0d%0a2f340dfa295/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:43:27 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/7bd45
2f340dfa295/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2335. https://fastdial.net/static/styles/styles/common/scripts/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a20ae%0d%0a975828be0ed was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/scripts/a20ae%0d%0a975828be0ed/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:43:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/scripts/a20ae
975828be0ed/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2336. https://fastdial.net/static/styles/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload af340%0d%0a6aebb3960f9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /af340%0d%0a6aebb3960f9/styles/styles/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:03 GMT
Server: Apache
Location: http://fastdial.net/af340
6aebb3960f9/styles/styles/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2337. https://fastdial.net/static/styles/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f1005%0d%0af00f111f68d was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f1005%0d%0af00f111f68d/styles/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:23 GMT
Server: Apache
Location: http://fastdial.net/static/f1005
f00f111f68d/styles/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2338. https://fastdial.net/static/styles/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ed0c7%0d%0a685c596a679 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ed0c7%0d%0a685c596a679/common/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ed0c7
685c596a679/common/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2339. https://fastdial.net/static/styles/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 86175%0d%0a752d5f7e325 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/86175%0d%0a752d5f7e325/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/86175
752d5f7e325/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2340. https://fastdial.net/static/styles/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 96fd6%0d%0a9ea7b604eda was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/96fd6%0d%0a9ea7b604eda/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:43:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/96fd6
9ea7b604eda/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2341. https://fastdial.net/static/styles/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload b67d5%0d%0aac758e55867 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/scripts/b67d5%0d%0aac758e55867/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:43:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/scripts/b67d5
ac758e55867/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2342. https://fastdial.net/static/styles/styles/common/scripts/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 73cb8%0d%0a123b5343af4 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/scripts/styles/73cb8%0d%0a123b5343af4/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:43:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/scripts/styles/73cb8
123b5343af4/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2343. https://fastdial.net/static/styles/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e5617%0d%0a741c6e14c02 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e5617%0d%0a741c6e14c02/styles/styles/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:26 GMT
Server: Apache
Location: http://fastdial.net/e5617
741c6e14c02/styles/styles/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2344. https://fastdial.net/static/styles/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6d5c7%0d%0a679f8d95442 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6d5c7%0d%0a679f8d95442/styles/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:37 GMT
Server: Apache
Location: http://fastdial.net/static/6d5c7
679f8d95442/styles/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2345. https://fastdial.net/static/styles/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 2a857%0d%0a2ae246e8356 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/2a857%0d%0a2ae246e8356/common/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/2a857
2ae246e8356/common/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2346. https://fastdial.net/static/styles/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e07ab%0d%0a53103fab888 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/e07ab%0d%0a53103fab888/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:43:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/e07ab
53103fab888/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2347. https://fastdial.net/static/styles/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e9e03%0d%0a672a0432336 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/e9e03%0d%0a672a0432336/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:43:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/e9e03
672a0432336/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2348. https://fastdial.net/static/styles/styles/common/scripts/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 53729%0d%0a1bc7a97e7d7 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/scripts/53729%0d%0a1bc7a97e7d7/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:43:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/scripts/53729
1bc7a97e7d7/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2349. https://fastdial.net/static/styles/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 177ff%0d%0a229695e88b7 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /177ff%0d%0a229695e88b7/styles/styles/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:14 GMT
Server: Apache
Location: http://fastdial.net/177ff
229695e88b7/styles/styles/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2350. https://fastdial.net/static/styles/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload dc7a3%0d%0a60a12698a7f was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/dc7a3%0d%0a60a12698a7f/styles/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:26 GMT
Server: Apache
Location: http://fastdial.net/static/dc7a3
60a12698a7f/styles/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2351. https://fastdial.net/static/styles/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 90d44%0d%0a5afe46171ad was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/90d44%0d%0a5afe46171ad/common/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/90d44
5afe46171ad/common/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2352. https://fastdial.net/static/styles/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload bb151%0d%0ad3e78376856 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/bb151%0d%0ad3e78376856/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/bb151
d3e78376856/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2353. https://fastdial.net/static/styles/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c747f%0d%0a359a8b53ea6 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/c747f%0d%0a359a8b53ea6/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:38:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/c747f
359a8b53ea6/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2354. https://fastdial.net/static/styles/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7711a%0d%0ac92c15942c3 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/7711a%0d%0ac92c15942c3/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:38:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/7711a
c92c15942c3/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2355. https://fastdial.net/static/styles/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 57932%0d%0a56f85eefab was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/common/57932%0d%0a56f85eefab/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:38:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/common/57932
56f85eefab/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2356. https://fastdial.net/static/styles/styles/common/styles/common/images/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload 8d0b8%0d%0afa6214f5e61 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/common/images/8d0b8%0d%0afa6214f5e61/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:38:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/common/images/8d0b8
fa6214f5e61/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2357. https://fastdial.net/static/styles/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f7cd9%0d%0a3e6ab2ee383 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f7cd9%0d%0a3e6ab2ee383/styles/styles/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:48 GMT
Server: Apache
Location: http://fastdial.net/f7cd9
3e6ab2ee383/styles/styles/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2358. https://fastdial.net/static/styles/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 610e5%0d%0a543575af935 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/610e5%0d%0a543575af935/styles/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:38:02 GMT
Server: Apache
Location: http://fastdial.net/static/610e5
543575af935/styles/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2359. https://fastdial.net/static/styles/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 18bc4%0d%0ab894a6070d5 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/18bc4%0d%0ab894a6070d5/common/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:38:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/18bc4
b894a6070d5/common/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2360. https://fastdial.net/static/styles/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8671f%0d%0a05c8823397a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/8671f%0d%0a05c8823397a/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:38:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/8671f
05c8823397a/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2361. https://fastdial.net/static/styles/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload c747d%0d%0a9565bc70543 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/c747d%0d%0a9565bc70543/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:38:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/c747d
9565bc70543/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2362. https://fastdial.net/static/styles/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload f99a3%0d%0a667b36839fd was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/f99a3%0d%0a667b36839fd/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:38:56 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/f99a3
667b36839fd/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2363. https://fastdial.net/static/styles/styles/common/styles/common/images/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload bf0cc%0d%0a7b915ccb91b was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/common/bf0cc%0d%0a7b915ccb91b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:39:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/common/bf0cc
7b915ccb91b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2364. https://fastdial.net/static/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8dc18%0d%0a87196c2037c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /8dc18%0d%0a87196c2037c/styles/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:18:46 GMT
Server: Apache
Location: http://fastdial.net/8dc18
87196c2037c/styles/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2365. https://fastdial.net/static/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 84967%0d%0ad320d91b7f2 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/84967%0d%0ad320d91b7f2/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:19:09 GMT
Server: Apache
Location: http://fastdial.net/static/84967
d320d91b7f2/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2366. https://fastdial.net/static/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 96126%0d%0a49c66fb5692 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/96126%0d%0a49c66fb5692/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:19:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/96126
49c66fb5692/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2367. https://fastdial.net/static/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 43df3%0d%0af7644a76070 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/43df3%0d%0af7644a76070/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:19:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/43df3
f7644a76070/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2368. https://fastdial.net/static/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 54d68%0d%0a7a070a8698d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/54d68%0d%0a7a070a8698d/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:19:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/54d68
7a070a8698d/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2369. https://fastdial.net/static/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload a8b5b%0d%0aa270621b542 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/a8b5b%0d%0aa270621b542/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:20:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/a8b5b
a270621b542/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2370. https://fastdial.net/static/styles/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload d8f0e%0d%0a226fbacbe0e was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /d8f0e%0d%0a226fbacbe0e/styles/styles/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:36:42 GMT
Server: Apache
Location: http://fastdial.net/d8f0e
226fbacbe0e/styles/styles/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2371. https://fastdial.net/static/styles/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload ec367%0d%0a80508e06785 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/ec367%0d%0a80508e06785/styles/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:36:53 GMT
Server: Apache
Location: http://fastdial.net/static/ec367
80508e06785/styles/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2372. https://fastdial.net/static/styles/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload ff6c0%0d%0ac27f45b1e8d was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/ff6c0%0d%0ac27f45b1e8d/common/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/ff6c0
c27f45b1e8d/common/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2373. https://fastdial.net/static/styles/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 639ea%0d%0ad9ab921777b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/639ea%0d%0ad9ab921777b/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/639ea
d9ab921777b/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2374. https://fastdial.net/static/styles/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 818c8%0d%0acf184859a1f was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/818c8%0d%0acf184859a1f/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/818c8
cf184859a1f/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2375. https://fastdial.net/static/styles/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 93c14%0d%0a45da7a96ab9 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/93c14%0d%0a45da7a96ab9/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/93c14
45da7a96ab9/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2376. https://fastdial.net/static/styles/styles/common/styles/common/scripts/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 53193%0d%0a9f1c0a06a50 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/common/53193%0d%0a9f1c0a06a50/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:38:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/common/53193
9f1c0a06a50/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2377. https://fastdial.net/static/styles/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3735f%0d%0ab7a50b2b766 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3735f%0d%0ab7a50b2b766/styles/styles/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:35:53 GMT
Server: Apache
Location: http://fastdial.net/3735f
b7a50b2b766/styles/styles/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2378. https://fastdial.net/static/styles/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 39f28%0d%0a73c7308572b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/39f28%0d%0a73c7308572b/styles/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:36:07 GMT
Server: Apache
Location: http://fastdial.net/static/39f28
73c7308572b/styles/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2379. https://fastdial.net/static/styles/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 973cc%0d%0a6a9a7bf49ce was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/973cc%0d%0a6a9a7bf49ce/common/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:36:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/973cc
6a9a7bf49ce/common/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2380. https://fastdial.net/static/styles/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a3a62%0d%0ab4195be8404 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/a3a62%0d%0ab4195be8404/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:36:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/a3a62
b4195be8404/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2381. https://fastdial.net/static/styles/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 9b622%0d%0a9e4399eda5d was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/9b622%0d%0a9e4399eda5d/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:36:49 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/9b622
9e4399eda5d/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2382. https://fastdial.net/static/styles/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload e0a2d%0d%0ab267c0d4fc9 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/e0a2d%0d%0ab267c0d4fc9/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/e0a2d
b267c0d4fc9/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2383. https://fastdial.net/static/styles/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 83ec3%0d%0aa34e2cc9e9e was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/common/83ec3%0d%0aa34e2cc9e9e/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/common/83ec3
a34e2cc9e9e/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2384. https://fastdial.net/static/styles/styles/common/styles/common/styles/common/rsscategory.sc [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 8 is copied into the Location response header. The payload d0e44%0d%0ab9615c091f7 was submitted in the REST URL parameter 8. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/common/styles/d0e44%0d%0ab9615c091f7/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/common/styles/d0e44
b9615c091f7/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2385. https://fastdial.net/static/styles/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e5f00%0d%0a2588f506630 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e5f00%0d%0a2588f506630/styles/styles/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:36:04 GMT
Server: Apache
Location: http://fastdial.net/e5f00
2588f506630/styles/styles/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2386. https://fastdial.net/static/styles/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 565cf%0d%0a774bf05fafd was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/565cf%0d%0a774bf05fafd/styles/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:36:18 GMT
Server: Apache
Location: http://fastdial.net/static/565cf
774bf05fafd/styles/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2387. https://fastdial.net/static/styles/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 88d2a%0d%0afeaa853dfef was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/88d2a%0d%0afeaa853dfef/common/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:36:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/88d2a
feaa853dfef/common/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2388. https://fastdial.net/static/styles/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload de6b8%0d%0a5a256925bcc was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/de6b8%0d%0a5a256925bcc/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:36:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/de6b8
5a256925bcc/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2389. https://fastdial.net/static/styles/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload f7ac1%0d%0a4d4e1d017a8 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/f7ac1%0d%0a4d4e1d017a8/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:36:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/f7ac1
4d4e1d017a8/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2390. https://fastdial.net/static/styles/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload e0c3d%0d%0a82b738df447 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/e0c3d%0d%0a82b738df447/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/e0c3d
82b738df447/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2391. https://fastdial.net/static/styles/styles/common/styles/common/styles/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload f69c4%0d%0aada9b4816c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/common/f69c4%0d%0aada9b4816c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:37:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/common/f69c4
ada9b4816c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2392. https://fastdial.net/static/styles/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 66415%0d%0acf92b61cfa8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /66415%0d%0acf92b61cfa8/styles/styles/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:19 GMT
Server: Apache
Location: http://fastdial.net/66415
cf92b61cfa8/styles/styles/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2393. https://fastdial.net/static/styles/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload f939f%0d%0afdd35512d70 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/f939f%0d%0afdd35512d70/styles/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:37 GMT
Server: Apache
Location: http://fastdial.net/static/f939f
fdd35512d70/styles/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2394. https://fastdial.net/static/styles/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9d94c%0d%0a34c02b38ba4 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/9d94c%0d%0a34c02b38ba4/common/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/9d94c
34c02b38ba4/common/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2395. https://fastdial.net/static/styles/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c39e6%0d%0afc87287b287 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/c39e6%0d%0afc87287b287/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:41:03 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/c39e6
fc87287b287/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2396. https://fastdial.net/static/styles/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ea7a8%0d%0aa71ef2bb813 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/ea7a8%0d%0aa71ef2bb813/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:41:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/ea7a8
a71ef2bb813/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2397. https://fastdial.net/static/styles/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 638d8%0d%0a0a13b99c077 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/638d8%0d%0a0a13b99c077/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:41:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/638d8
0a13b99c077/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2398. https://fastdial.net/static/styles/styles/common/styles/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload a07c8%0d%0a7b78ec6deb was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/images/a07c8%0d%0a7b78ec6deb/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/images/a07c8
7b78ec6deb/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2399. https://fastdial.net/static/styles/styles/common/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 76222%0d%0ade56a1d8bdf was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /76222%0d%0ade56a1d8bdf/styles/styles/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:41:05 GMT
Server: Apache
Location: http://fastdial.net/76222
de56a1d8bdf/styles/styles/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2400. https://fastdial.net/static/styles/styles/common/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e6c0e%0d%0a526c47da073 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e6c0e%0d%0a526c47da073/styles/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:41:18 GMT
Server: Apache
Location: http://fastdial.net/static/e6c0e
526c47da073/styles/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2401. https://fastdial.net/static/styles/styles/common/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5b6f8%0d%0af0807a49c9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5b6f8%0d%0af0807a49c9/common/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:41:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5b6f8
f0807a49c9/common/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2402. https://fastdial.net/static/styles/styles/common/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 14a69%0d%0a2291ef2d84c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/14a69%0d%0a2291ef2d84c/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/14a69
2291ef2d84c/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2403. https://fastdial.net/static/styles/styles/common/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e06a0%0d%0a785c40212c4 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/e06a0%0d%0a785c40212c4/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:21 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/e06a0
785c40212c4/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2404. https://fastdial.net/static/styles/styles/common/styles/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload bf778%0d%0ab329a026e2f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/bf778%0d%0ab329a026e2f/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:42:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/bf778
b329a026e2f/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2405. https://fastdial.net/static/styles/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6f71e%0d%0ac3df6df72ae was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6f71e%0d%0ac3df6df72ae/styles/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:20:06 GMT
Server: Apache
Location: http://fastdial.net/6f71e
c3df6df72ae/styles/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2406. https://fastdial.net/static/styles/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3ef9e%0d%0ac2225670cd9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3ef9e%0d%0ac2225670cd9/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:20:26 GMT
Server: Apache
Location: http://fastdial.net/static/3ef9e
c2225670cd9/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2407. https://fastdial.net/static/styles/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 541a0%0d%0ae63b04c2e49 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/541a0%0d%0ae63b04c2e49/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:20:38 GMT
Server: Apache
Location: http://fastdial.net/static/styles/541a0
e63b04c2e49/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2408. https://fastdial.net/static/styles/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 80ed6%0d%0accb44358e18 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/80ed6%0d%0accb44358e18/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:20:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/80ed6
ccb44358e18/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2409. https://fastdial.net/static/styles/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload bd0cd%0d%0a89dba0490c8 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/bd0cd%0d%0a89dba0490c8/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:21:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/bd0cd
89dba0490c8/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2410. https://fastdial.net/static/styles/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 84c33%0d%0a7a221aa62a1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /84c33%0d%0a7a221aa62a1/styles/styles/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:39:38 GMT
Server: Apache
Location: http://fastdial.net/84c33
7a221aa62a1/styles/styles/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2411. https://fastdial.net/static/styles/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 82d87%0d%0a0fb2af60610 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/82d87%0d%0a0fb2af60610/styles/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:39:56 GMT
Server: Apache
Location: http://fastdial.net/static/82d87
0fb2af60610/styles/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2412. https://fastdial.net/static/styles/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 40203%0d%0ac997bdf98f9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/40203%0d%0ac997bdf98f9/common/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/40203
c997bdf98f9/common/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2413. https://fastdial.net/static/styles/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d196e%0d%0a4d01c6a35b7 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/d196e%0d%0a4d01c6a35b7/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/d196e
4d01c6a35b7/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2414. https://fastdial.net/static/styles/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1ed42%0d%0ac9a68e347b3 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/1ed42%0d%0ac9a68e347b3/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:39 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/1ed42
c9a68e347b3/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2415. https://fastdial.net/static/styles/styles/common/styles/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 3d711%0d%0a6f784693a90 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/3d711%0d%0a6f784693a90/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/3d711
6f784693a90/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2416. https://fastdial.net/static/styles/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1f58f%0d%0aad735691924 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1f58f%0d%0aad735691924/styles/styles/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:39:05 GMT
Server: Apache
Location: http://fastdial.net/1f58f
ad735691924/styles/styles/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2417. https://fastdial.net/static/styles/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 17aac%0d%0a8d01b5709ef was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/17aac%0d%0a8d01b5709ef/styles/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:39:23 GMT
Server: Apache
Location: http://fastdial.net/static/17aac
8d01b5709ef/styles/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2418. https://fastdial.net/static/styles/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c1aa3%0d%0af9ac475b661 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/c1aa3%0d%0af9ac475b661/common/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:39:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/c1aa3
f9ac475b661/common/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2419. https://fastdial.net/static/styles/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 95513%0d%0aa0fc25160e5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/95513%0d%0aa0fc25160e5/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:39:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/95513
a0fc25160e5/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2420. https://fastdial.net/static/styles/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3b4b9%0d%0adf4adf36e67 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/3b4b9%0d%0adf4adf36e67/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/3b4b9
df4adf36e67/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2421. https://fastdial.net/static/styles/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1b3ce%0d%0a6df55623c16 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/1b3ce%0d%0a6df55623c16/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/1b3ce
6df55623c16/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2422. https://fastdial.net/static/styles/styles/common/styles/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 2b25a%0d%0a3a955aafff7 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/styles/2b25a%0d%0a3a955aafff7/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/styles/2b25a
3a955aafff7/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2423. https://fastdial.net/static/styles/styles/common/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a5616%0d%0a18bcc3156f9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a5616%0d%0a18bcc3156f9/styles/styles/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:39:23 GMT
Server: Apache
Location: http://fastdial.net/a5616
18bcc3156f9/styles/styles/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2424. https://fastdial.net/static/styles/styles/common/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 96e12%0d%0aec38b07395b was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/96e12%0d%0aec38b07395b/styles/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:39:33 GMT
Server: Apache
Location: http://fastdial.net/static/96e12
ec38b07395b/styles/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2425. https://fastdial.net/static/styles/styles/common/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 445ab%0d%0ae2aa0f9d5f8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/445ab%0d%0ae2aa0f9d5f8/common/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:39:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/445ab
e2aa0f9d5f8/common/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2426. https://fastdial.net/static/styles/styles/common/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2eff7%0d%0aba8aa0a304b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/2eff7%0d%0aba8aa0a304b/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:06 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/2eff7
ba8aa0a304b/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2427. https://fastdial.net/static/styles/styles/common/styles/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 257b4%0d%0ae6c12e49d55 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/257b4%0d%0ae6c12e49d55/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/257b4
e6c12e49d55/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2428. https://fastdial.net/static/styles/styles/common/styles/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/common/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 23efa%0d%0a4507bdc9cf4 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/common/styles/23efa%0d%0a4507bdc9cf4/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:40:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/common/styles/23efa
4507bdc9cf4/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2429. https://fastdial.net/static/styles/styles/images/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2875d%0d%0af95ce68283 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2875d%0d%0af95ce68283/styles/styles/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:02:16 GMT
Server: Apache
Location: http://fastdial.net/2875d
f95ce68283/styles/styles/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2430. https://fastdial.net/static/styles/styles/images/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 315b6%0d%0acadb12e5651 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/315b6%0d%0acadb12e5651/styles/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:03:07 GMT
Server: Apache
Location: http://fastdial.net/static/315b6
cadb12e5651/styles/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2431. https://fastdial.net/static/styles/styles/images/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 49fce%0d%0af489f42785b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/49fce%0d%0af489f42785b/images/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:03:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/49fce
f489f42785b/images/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2432. https://fastdial.net/static/styles/styles/images/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d1768%0d%0a5edbf55a440 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/d1768%0d%0a5edbf55a440/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:03:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/d1768
5edbf55a440/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2433. https://fastdial.net/static/styles/styles/images/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 17238%0d%0a5ce36b7af78 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/17238%0d%0a5ce36b7af78/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:04:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/17238
5ce36b7af78/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2434. https://fastdial.net/static/styles/styles/images/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 9518b%0d%0a372149af9b1 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/common/9518b%0d%0a372149af9b1/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:04:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/common/9518b
372149af9b1/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2435. https://fastdial.net/static/styles/styles/images/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload b0ef2%0d%0ac45a6b87a0c was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/common/images/b0ef2%0d%0ac45a6b87a0c/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:04:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/common/images/b0ef2
c45a6b87a0c/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2436. https://fastdial.net/static/styles/styles/images/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f7160%0d%0a72ce0fb37f4 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f7160%0d%0a72ce0fb37f4/styles/styles/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:02:45 GMT
Server: Apache
Location: http://fastdial.net/f7160
72ce0fb37f4/styles/styles/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2437. https://fastdial.net/static/styles/styles/images/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c8a81%0d%0acf852800032 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c8a81%0d%0acf852800032/styles/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:02:53 GMT
Server: Apache
Location: http://fastdial.net/static/c8a81
cf852800032/styles/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2438. https://fastdial.net/static/styles/styles/images/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bdc76%0d%0a967e5166bdd was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/bdc76%0d%0a967e5166bdd/images/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:03:10 GMT
Server: Apache
Location: http://fastdial.net/static/styles/bdc76
967e5166bdd/images/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2439. https://fastdial.net/static/styles/styles/images/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 47b39%0d%0a64436b8ea0c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/47b39%0d%0a64436b8ea0c/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:03:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/47b39
64436b8ea0c/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2440. https://fastdial.net/static/styles/styles/images/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 95b86%0d%0aa1b1dcf40c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/95b86%0d%0aa1b1dcf40c/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:04:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/95b86
a1b1dcf40c/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2441. https://fastdial.net/static/styles/styles/images/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 8c056%0d%0a69d524eeddf was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/common/8c056%0d%0a69d524eeddf/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:04:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/common/8c056
69d524eeddf/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2442. https://fastdial.net/static/styles/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f9f95%0d%0a5848d3d89ce was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f9f95%0d%0a5848d3d89ce/styles/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:29:18 GMT
Server: Apache
Location: http://fastdial.net/f9f95
5848d3d89ce/styles/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2443. https://fastdial.net/static/styles/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload c5f96%0d%0ad7258a3efc was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/c5f96%0d%0ad7258a3efc/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:29:32 GMT
Server: Apache
Location: http://fastdial.net/static/c5f96
d7258a3efc/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2444. https://fastdial.net/static/styles/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload c8b36%0d%0a423909e8961 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/c8b36%0d%0a423909e8961/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:29:50 GMT
Server: Apache
Location: http://fastdial.net/static/styles/c8b36
423909e8961/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2445. https://fastdial.net/static/styles/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 119ca%0d%0a16876b1af2e was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/119ca%0d%0a16876b1af2e/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:30:02 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/119ca
16876b1af2e/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2446. https://fastdial.net/static/styles/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a3c2b%0d%0a9fe5c6f6458 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/a3c2b%0d%0a9fe5c6f6458/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:30:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/a3c2b
9fe5c6f6458/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2447. https://fastdial.net/static/styles/styles/images/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 53226%0d%0a24c1550c373 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /53226%0d%0a24c1550c373/styles/styles/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:01:27 GMT
Server: Apache
Location: http://fastdial.net/53226
24c1550c373/styles/styles/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2448. https://fastdial.net/static/styles/styles/images/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 77d3c%0d%0a26fda4aeed was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/77d3c%0d%0a26fda4aeed/styles/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:01:53 GMT
Server: Apache
Location: http://fastdial.net/static/77d3c
26fda4aeed/styles/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2449. https://fastdial.net/static/styles/styles/images/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 55946%0d%0a864e4d54845 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/55946%0d%0a864e4d54845/images/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:02:52 GMT
Server: Apache
Location: http://fastdial.net/static/styles/55946
864e4d54845/images/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2450. https://fastdial.net/static/styles/styles/images/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 258eb%0d%0a4c7dace4fea was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/258eb%0d%0a4c7dace4fea/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:03:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/258eb
4c7dace4fea/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2451. https://fastdial.net/static/styles/styles/images/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload ccf1a%0d%0a3e72a1d47e4 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/ccf1a%0d%0a3e72a1d47e4/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:03:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/ccf1a
3e72a1d47e4/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2452. https://fastdial.net/static/styles/styles/images/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload dfd5b%0d%0abf50abdb27d was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/common/dfd5b%0d%0abf50abdb27d/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:03:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/common/dfd5b
bf50abdb27d/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2453. https://fastdial.net/static/styles/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6b642%0d%0aef6f6033a97 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6b642%0d%0aef6f6033a97/styles/styles/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:25 GMT
Server: Apache
Location: http://fastdial.net/6b642
ef6f6033a97/styles/styles/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2454. https://fastdial.net/static/styles/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 916b5%0d%0ad17e1b98675 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/916b5%0d%0ad17e1b98675/styles/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:39 GMT
Server: Apache
Location: http://fastdial.net/static/916b5
d17e1b98675/styles/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2455. https://fastdial.net/static/styles/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 6aec8%0d%0a055775d6313 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/6aec8%0d%0a055775d6313/images/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/6aec8
055775d6313/images/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2456. https://fastdial.net/static/styles/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload dd0a2%0d%0aacab0c1e8ad was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/dd0a2%0d%0aacab0c1e8ad/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:01:08 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/dd0a2
acab0c1e8ad/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2457. https://fastdial.net/static/styles/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload fb0e1%0d%0a90ec468771e was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/fb0e1%0d%0a90ec468771e/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:01:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/fb0e1
90ec468771e/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2458. https://fastdial.net/static/styles/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload ec2d5%0d%0aaa4a99d802f was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/common/ec2d5%0d%0aaa4a99d802f/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:02:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/common/ec2d5
aa4a99d802f/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2459. https://fastdial.net/static/styles/styles/images/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload b14ce%0d%0a473b7278623 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/common/styles/b14ce%0d%0a473b7278623/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:02:53 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/common/styles/b14ce
473b7278623/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2460. https://fastdial.net/static/styles/styles/images/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e128d%0d%0a35cd0e3eb5c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e128d%0d%0a35cd0e3eb5c/styles/styles/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:45 GMT
Server: Apache
Location: http://fastdial.net/e128d
35cd0e3eb5c/styles/styles/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2461. https://fastdial.net/static/styles/styles/images/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4e77c%0d%0ac266a86b6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4e77c%0d%0ac266a86b6/styles/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:01:00 GMT
Server: Apache
Location: http://fastdial.net/static/4e77c
c266a86b6/styles/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2462. https://fastdial.net/static/styles/styles/images/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 6b897%0d%0a78278d2eae8 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/6b897%0d%0a78278d2eae8/images/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:01:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/6b897
78278d2eae8/images/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2463. https://fastdial.net/static/styles/styles/images/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload dd822%0d%0afac7d046e72 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/dd822%0d%0afac7d046e72/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:01:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/dd822
fac7d046e72/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2464. https://fastdial.net/static/styles/styles/images/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b7e3d%0d%0a6e04db6fd73 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/b7e3d%0d%0a6e04db6fd73/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:02:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/b7e3d
6e04db6fd73/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2465. https://fastdial.net/static/styles/styles/images/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 2d6e6%0d%0aaca36c96d40 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/common/2d6e6%0d%0aaca36c96d40/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:02:59 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/common/2d6e6
aca36c96d40/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2466. https://fastdial.net/static/styles/styles/images/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 1cffb%0d%0af665d790b37 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /1cffb%0d%0af665d790b37/styles/styles/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:06:36 GMT
Server: Apache
Location: http://fastdial.net/1cffb
f665d790b37/styles/styles/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2467. https://fastdial.net/static/styles/styles/images/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 7596b%0d%0a829a120c6ca was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/7596b%0d%0a829a120c6ca/styles/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:06:50 GMT
Server: Apache
Location: http://fastdial.net/static/7596b
829a120c6ca/styles/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2468. https://fastdial.net/static/styles/styles/images/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b494b%0d%0a03df02962f0 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b494b%0d%0a03df02962f0/images/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:19 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b494b
03df02962f0/images/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2469. https://fastdial.net/static/styles/styles/images/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 40dd4%0d%0a3abee18ef5 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/40dd4%0d%0a3abee18ef5/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/40dd4
3abee18ef5/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2470. https://fastdial.net/static/styles/styles/images/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3b627%0d%0a405cc5ca47c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/3b627%0d%0a405cc5ca47c/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/3b627
405cc5ca47c/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2471. https://fastdial.net/static/styles/styles/images/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload da285%0d%0a465db6ae0f0 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/images/da285%0d%0a465db6ae0f0/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:08:04 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/images/da285
465db6ae0f0/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2472. https://fastdial.net/static/styles/styles/images/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e756a%0d%0ac7df1ca86fb was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e756a%0d%0ac7df1ca86fb/styles/styles/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:11 GMT
Server: Apache
Location: http://fastdial.net/e756a
c7df1ca86fb/styles/styles/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2473. https://fastdial.net/static/styles/styles/images/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 5113d%0d%0a2a1e5523507 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/5113d%0d%0a2a1e5523507/styles/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:32 GMT
Server: Apache
Location: http://fastdial.net/static/5113d
2a1e5523507/styles/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2474. https://fastdial.net/static/styles/styles/images/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d705b%0d%0a4e5ee8f2cb9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/d705b%0d%0a4e5ee8f2cb9/images/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/d705b
4e5ee8f2cb9/images/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2475. https://fastdial.net/static/styles/styles/images/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 893bd%0d%0a40832ca9cb4 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/893bd%0d%0a40832ca9cb4/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:07:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/893bd
40832ca9cb4/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2476. https://fastdial.net/static/styles/styles/images/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 11bb3%0d%0af7143e3980a was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/11bb3%0d%0af7143e3980a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:08:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/11bb3
f7143e3980a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2477. https://fastdial.net/static/styles/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7f272%0d%0a95bbd0d8092 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7f272%0d%0a95bbd0d8092/styles/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:29:35 GMT
Server: Apache
Location: http://fastdial.net/7f272
95bbd0d8092/styles/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2478. https://fastdial.net/static/styles/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b28cb%0d%0ac0470934872 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b28cb%0d%0ac0470934872/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:29:49 GMT
Server: Apache
Location: http://fastdial.net/static/b28cb
c0470934872/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2479. https://fastdial.net/static/styles/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 695e4%0d%0a71a318d5355 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/695e4%0d%0a71a318d5355/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:30:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/695e4
71a318d5355/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2480. https://fastdial.net/static/styles/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 90464%0d%0ad11892cb942 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/90464%0d%0ad11892cb942/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:30:16 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/90464
d11892cb942/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2481. https://fastdial.net/static/styles/styles/images/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7c0cf%0d%0a7c18e1a268c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7c0cf%0d%0a7c18e1a268c/styles/styles/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:05:28 GMT
Server: Apache
Location: http://fastdial.net/7c0cf
7c18e1a268c/styles/styles/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2482. https://fastdial.net/static/styles/styles/images/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3910e%0d%0aadf6a0d4ec6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3910e%0d%0aadf6a0d4ec6/styles/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:05:48 GMT
Server: Apache
Location: http://fastdial.net/static/3910e
adf6a0d4ec6/styles/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2483. https://fastdial.net/static/styles/styles/images/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 5a814%0d%0afc31bdeb0c7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/5a814%0d%0afc31bdeb0c7/images/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:05:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/5a814
fc31bdeb0c7/images/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2484. https://fastdial.net/static/styles/styles/images/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e09ec%0d%0adec8a118e31 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/e09ec%0d%0adec8a118e31/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:06:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/e09ec
dec8a118e31/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2485. https://fastdial.net/static/styles/styles/images/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload d351a%0d%0aa47ebd66581 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/d351a%0d%0aa47ebd66581/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:06:32 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/d351a
a47ebd66581/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2486. https://fastdial.net/static/styles/styles/images/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2f67c%0d%0a214860f96c0 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /2f67c%0d%0a214860f96c0/styles/styles/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:04:33 GMT
Server: Apache
Location: http://fastdial.net/2f67c
214860f96c0/styles/styles/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2487. https://fastdial.net/static/styles/styles/images/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b8744%0d%0a1c2c81e21c3 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b8744%0d%0a1c2c81e21c3/styles/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:04:47 GMT
Server: Apache
Location: http://fastdial.net/static/b8744
1c2c81e21c3/styles/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2488. https://fastdial.net/static/styles/styles/images/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b1ebb%0d%0a94b616732b6 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b1ebb%0d%0a94b616732b6/images/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:05:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b1ebb
94b616732b6/images/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2489. https://fastdial.net/static/styles/styles/images/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 32d99%0d%0a7354cebb378 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/32d99%0d%0a7354cebb378/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:05:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/32d99
7354cebb378/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2490. https://fastdial.net/static/styles/styles/images/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 10f3b%0d%0a0657bcadd21 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/10f3b%0d%0a0657bcadd21/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:05:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/10f3b
0657bcadd21/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2491. https://fastdial.net/static/styles/styles/images/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 7e762%0d%0a4391458f79e was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/styles/7e762%0d%0a4391458f79e/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:05:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/styles/7e762
4391458f79e/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2492. https://fastdial.net/static/styles/styles/images/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 75307%0d%0ae290d6a34d9 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /75307%0d%0ae290d6a34d9/styles/styles/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:04:48 GMT
Server: Apache
Location: http://fastdial.net/75307
e290d6a34d9/styles/styles/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2493. https://fastdial.net/static/styles/styles/images/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 46e3b%0d%0a35c20ff66a was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/46e3b%0d%0a35c20ff66a/styles/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:05:01 GMT
Server: Apache
Location: http://fastdial.net/static/46e3b
35c20ff66a/styles/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2494. https://fastdial.net/static/styles/styles/images/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 8c49a%0d%0abcf0a69ee09 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/8c49a%0d%0abcf0a69ee09/images/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:05:18 GMT
Server: Apache
Location: http://fastdial.net/static/styles/8c49a
bcf0a69ee09/images/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2495. https://fastdial.net/static/styles/styles/images/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 3e590%0d%0ac08eb59240e was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/3e590%0d%0ac08eb59240e/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:05:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/3e590
c08eb59240e/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2496. https://fastdial.net/static/styles/styles/images/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/images/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 16b54%0d%0aeef2fe2a3b1 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/images/16b54%0d%0aeef2fe2a3b1/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:05:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/images/16b54
eef2fe2a3b1/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2497. https://fastdial.net/static/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 67f0b%0d%0a4479a1413be was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /67f0b%0d%0a4479a1413be/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:28:41 GMT
Server: Apache
Location: http://fastdial.net/67f0b
4479a1413be/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2498. https://fastdial.net/static/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4b4ba%0d%0a2aa632575c9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4b4ba%0d%0a2aa632575c9/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:28:54 GMT
Server: Apache
Location: http://fastdial.net/static/4b4ba
2aa632575c9/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2499. https://fastdial.net/static/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 37dcd%0d%0a1829e2eb26b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/37dcd%0d%0a1829e2eb26b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:29:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/37dcd
1829e2eb26b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2500. https://fastdial.net/static/styles/styles/scripts/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload f2150%0d%0a6bf705b06dd was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /f2150%0d%0a6bf705b06dd/styles/styles/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:59:15 GMT
Server: Apache
Location: http://fastdial.net/f2150
6bf705b06dd/styles/styles/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2501. https://fastdial.net/static/styles/styles/scripts/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d96f3%0d%0ae45cb115338 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d96f3%0d%0ae45cb115338/styles/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:59:29 GMT
Server: Apache
Location: http://fastdial.net/static/d96f3
e45cb115338/styles/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2502. https://fastdial.net/static/styles/styles/scripts/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload e1e8e%0d%0aa407fc7d649 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/e1e8e%0d%0aa407fc7d649/scripts/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:59:42 GMT
Server: Apache
Location: http://fastdial.net/static/styles/e1e8e
a407fc7d649/scripts/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2503. https://fastdial.net/static/styles/styles/scripts/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 33f1c%0d%0a810f4d09f32 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/33f1c%0d%0a810f4d09f32/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:59:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/33f1c
810f4d09f32/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2504. https://fastdial.net/static/styles/styles/scripts/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 66259%0d%0aeb2d9c14ade was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/scripts/66259%0d%0aeb2d9c14ade/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/scripts/66259
eb2d9c14ade/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2505. https://fastdial.net/static/styles/styles/scripts/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 4b1a2%0d%0a08d05a700dc was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/scripts/images/4b1a2%0d%0a08d05a700dc/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/scripts/images/4b1a2
08d05a700dc/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2506. https://fastdial.net/static/styles/styles/scripts/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload d4fb8%0d%0ae85eb2e443 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /d4fb8%0d%0ae85eb2e443/styles/styles/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:59:54 GMT
Server: Apache
Location: http://fastdial.net/d4fb8
e85eb2e443/styles/styles/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2507. https://fastdial.net/static/styles/styles/scripts/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload e0fc7%0d%0aa002464256e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/e0fc7%0d%0aa002464256e/styles/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:08 GMT
Server: Apache
Location: http://fastdial.net/static/e0fc7
a002464256e/styles/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2508. https://fastdial.net/static/styles/styles/scripts/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 83113%0d%0a0220d2a42dd was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/83113%0d%0a0220d2a42dd/scripts/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/83113
0220d2a42dd/scripts/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2509. https://fastdial.net/static/styles/styles/scripts/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c4fd4%0d%0a2c966f15d02 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/c4fd4%0d%0a2c966f15d02/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/c4fd4
2c966f15d02/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2510. https://fastdial.net/static/styles/styles/scripts/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 67a66%0d%0a43459ce9df9 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/scripts/67a66%0d%0a43459ce9df9/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/scripts/67a66
43459ce9df9/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2511. https://fastdial.net/static/styles/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload d19b7%0d%0ad02102fd473 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /d19b7%0d%0ad02102fd473/styles/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:28:45 GMT
Server: Apache
Location: http://fastdial.net/d19b7
d02102fd473/styles/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2512. https://fastdial.net/static/styles/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 2c352%0d%0a878f8b8e4da was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/2c352%0d%0a878f8b8e4da/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:29:00 GMT
Server: Apache
Location: http://fastdial.net/static/2c352
878f8b8e4da/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2513. https://fastdial.net/static/styles/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f333c%0d%0a3beb256a2fe was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f333c%0d%0a3beb256a2fe/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:29:14 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f333c
3beb256a2fe/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2514. https://fastdial.net/static/styles/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4f125%0d%0a765fa2001c1 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/4f125%0d%0a765fa2001c1/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:29:30 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/4f125
765fa2001c1/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2515. https://fastdial.net/static/styles/styles/scripts/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7e05d%0d%0a7c6d5f70e3c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7e05d%0d%0a7c6d5f70e3c/styles/styles/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:58:16 GMT
Server: Apache
Location: http://fastdial.net/7e05d
7c6d5f70e3c/styles/styles/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2516. https://fastdial.net/static/styles/styles/scripts/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 3a761%0d%0a21f22bfebf0 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/3a761%0d%0a21f22bfebf0/styles/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:58:29 GMT
Server: Apache
Location: http://fastdial.net/static/3a761
21f22bfebf0/styles/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2517. https://fastdial.net/static/styles/styles/scripts/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 8d05f%0d%0a6f252dce2e9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/8d05f%0d%0a6f252dce2e9/scripts/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:58:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/8d05f
6f252dce2e9/scripts/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2518. https://fastdial.net/static/styles/styles/scripts/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 241db%0d%0a0ce24b1cf81 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/241db%0d%0a0ce24b1cf81/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:58:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/241db
0ce24b1cf81/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2519. https://fastdial.net/static/styles/styles/scripts/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 5556f%0d%0aba68d539ed7 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/scripts/5556f%0d%0aba68d539ed7/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:59:12 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/scripts/5556f
ba68d539ed7/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2520. https://fastdial.net/static/styles/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a0021%0d%0a887f09a219f was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a0021%0d%0a887f09a219f/styles/styles/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:57:42 GMT
Server: Apache
Location: http://fastdial.net/a0021
887f09a219f/styles/styles/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2521. https://fastdial.net/static/styles/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 81ec0%0d%0ab0bc0bdde88 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/81ec0%0d%0ab0bc0bdde88/styles/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:57:52 GMT
Server: Apache
Location: http://fastdial.net/static/81ec0
b0bc0bdde88/styles/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2522. https://fastdial.net/static/styles/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f122a%0d%0af22f2e362a7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f122a%0d%0af22f2e362a7/scripts/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:58:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f122a
f22f2e362a7/scripts/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2523. https://fastdial.net/static/styles/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 8f348%0d%0a049f32d5ab4 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/8f348%0d%0a049f32d5ab4/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:58:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/8f348
049f32d5ab4/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2524. https://fastdial.net/static/styles/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 39ce6%0d%0a16e27add188 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/scripts/39ce6%0d%0a16e27add188/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:58:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/scripts/39ce6
16e27add188/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2525. https://fastdial.net/static/styles/styles/scripts/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 3078a%0d%0a70d78f820d6 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/scripts/styles/3078a%0d%0a70d78f820d6/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:58:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/scripts/styles/3078a
70d78f820d6/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2526. https://fastdial.net/static/styles/styles/scripts/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload e6757%0d%0afea8090bb82 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /e6757%0d%0afea8090bb82/styles/styles/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:59:59 GMT
Server: Apache
Location: http://fastdial.net/e6757
fea8090bb82/styles/styles/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2527. https://fastdial.net/static/styles/styles/scripts/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 6483a%0d%0a3ab8dfec07 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/6483a%0d%0a3ab8dfec07/styles/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:14 GMT
Server: Apache
Location: http://fastdial.net/static/6483a
3ab8dfec07/styles/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2528. https://fastdial.net/static/styles/styles/scripts/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload f3a62%0d%0a154f029cbe9 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/f3a62%0d%0a154f029cbe9/scripts/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:28 GMT
Server: Apache
Location: http://fastdial.net/static/styles/f3a62
154f029cbe9/scripts/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2529. https://fastdial.net/static/styles/styles/scripts/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 6ed60%0d%0a8801dad7a5c was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/6ed60%0d%0a8801dad7a5c/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/6ed60
8801dad7a5c/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2530. https://fastdial.net/static/styles/styles/scripts/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/scripts/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 1e88b%0d%0ad008ad5c47b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/scripts/1e88b%0d%0ad008ad5c47b/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 22:00:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/scripts/1e88b
d008ad5c47b/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2531. https://fastdial.net/static/styles/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload da8c0%0d%0a0198b5fa978 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /da8c0%0d%0a0198b5fa978/styles/styles/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:53:37 GMT
Server: Apache
Location: http://fastdial.net/da8c0
0198b5fa978/styles/styles/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2532. https://fastdial.net/static/styles/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 36f58%0d%0add541e63e95 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/36f58%0d%0add541e63e95/styles/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:53:52 GMT
Server: Apache
Location: http://fastdial.net/static/36f58
dd541e63e95/styles/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2533. https://fastdial.net/static/styles/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 1ae0b%0d%0a9bff3d52bc7 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/1ae0b%0d%0a9bff3d52bc7/styles/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/1ae0b
9bff3d52bc7/styles/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2534. https://fastdial.net/static/styles/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload e76eb%0d%0a8eceab7bc15 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/e76eb%0d%0a8eceab7bc15/common/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/e76eb
8eceab7bc15/common/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2535. https://fastdial.net/static/styles/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a28b4%0d%0a8889e7c05c9 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/a28b4%0d%0a8889e7c05c9/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/a28b4
8889e7c05c9/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2536. https://fastdial.net/static/styles/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 1aa44%0d%0ae7488b06c95 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/common/1aa44%0d%0ae7488b06c95/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/common/1aa44
e7488b06c95/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2537. https://fastdial.net/static/styles/styles/styles/common/images/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload 9b2fa%0d%0aa44ecb4a2ea was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/common/images/9b2fa%0d%0aa44ecb4a2ea/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:55:26 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/common/images/9b2fa
a44ecb4a2ea/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2538. https://fastdial.net/static/styles/styles/styles/common/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ab497%0d%0ad05f21d9c32 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ab497%0d%0ad05f21d9c32/styles/styles/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:53:42 GMT
Server: Apache
Location: http://fastdial.net/ab497
d05f21d9c32/styles/styles/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2539. https://fastdial.net/static/styles/styles/styles/common/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload b8bdd%0d%0aab9700226ae was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/b8bdd%0d%0aab9700226ae/styles/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:53:59 GMT
Server: Apache
Location: http://fastdial.net/static/b8bdd
ab9700226ae/styles/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2540. https://fastdial.net/static/styles/styles/styles/common/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload fa43b%0d%0ac079db935e1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/fa43b%0d%0ac079db935e1/styles/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:13 GMT
Server: Apache
Location: http://fastdial.net/static/styles/fa43b
c079db935e1/styles/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2541. https://fastdial.net/static/styles/styles/styles/common/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d7fb5%0d%0a9a5a7954c64 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/d7fb5%0d%0a9a5a7954c64/common/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/d7fb5
9a5a7954c64/common/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2542. https://fastdial.net/static/styles/styles/styles/common/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload a2215%0d%0a6704bd3020c was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/a2215%0d%0a6704bd3020c/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:44 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/a2215
6704bd3020c/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2543. https://fastdial.net/static/styles/styles/styles/common/images/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/images/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 14a76%0d%0a01313dbaee was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/common/14a76%0d%0a01313dbaee/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:58 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/common/14a76
01313dbaee/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2544. https://fastdial.net/static/styles/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b1194%0d%0a03c9d30f7c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b1194%0d%0a03c9d30f7c/styles/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:26:08 GMT
Server: Apache
Location: http://fastdial.net/b1194
03c9d30f7c/styles/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2545. https://fastdial.net/static/styles/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 34802%0d%0a9830cd92764 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/34802%0d%0a9830cd92764/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:26:31 GMT
Server: Apache
Location: http://fastdial.net/static/34802
9830cd92764/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2546. https://fastdial.net/static/styles/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload cf131%0d%0a2362d13c548 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/cf131%0d%0a2362d13c548/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:26:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/cf131
2362d13c548/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2547. https://fastdial.net/static/styles/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 58d63%0d%0a9fa476c9891 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/58d63%0d%0a9fa476c9891/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:27:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/58d63
9fa476c9891/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2548. https://fastdial.net/static/styles/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 35002%0d%0a4110fd71a08 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/35002%0d%0a4110fd71a08/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:27:25 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/35002
4110fd71a08/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2549. https://fastdial.net/static/styles/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6ec82%0d%0adde9933f777 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6ec82%0d%0adde9933f777/styles/styles/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:12 GMT
Server: Apache
Location: http://fastdial.net/6ec82
dde9933f777/styles/styles/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2550. https://fastdial.net/static/styles/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload dfe35%0d%0a777cc3913f8 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/dfe35%0d%0a777cc3913f8/styles/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:29 GMT
Server: Apache
Location: http://fastdial.net/static/dfe35
777cc3913f8/styles/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2551. https://fastdial.net/static/styles/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload b1182%0d%0acc3030aa4d5 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/b1182%0d%0acc3030aa4d5/styles/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:40 GMT
Server: Apache
Location: http://fastdial.net/static/styles/b1182
cc3030aa4d5/styles/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2552. https://fastdial.net/static/styles/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 2dd3e%0d%0a654e97a6684 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/2dd3e%0d%0a654e97a6684/common/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:57 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/2dd3e
654e97a6684/common/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2553. https://fastdial.net/static/styles/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 235f7%0d%0a32da886144 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/235f7%0d%0a32da886144/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:53:11 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/235f7
32da886144/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2554. https://fastdial.net/static/styles/styles/styles/common/scripts/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 52be5%0d%0a04feb5a1f60 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/common/52be5%0d%0a04feb5a1f60/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:53:29 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/common/52be5
04feb5a1f60/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2555. https://fastdial.net/static/styles/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a84e3%0d%0a462934fb3cc was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a84e3%0d%0a462934fb3cc/styles/styles/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:11 GMT
Server: Apache
Location: http://fastdial.net/a84e3
462934fb3cc/styles/styles/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2556. https://fastdial.net/static/styles/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 4ce60%0d%0afde3e515560 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/4ce60%0d%0afde3e515560/styles/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:29 GMT
Server: Apache
Location: http://fastdial.net/static/4ce60
fde3e515560/styles/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2557. https://fastdial.net/static/styles/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 67746%0d%0ac3112973508 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/67746%0d%0ac3112973508/styles/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:43 GMT
Server: Apache
Location: http://fastdial.net/static/styles/67746
c3112973508/styles/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2558. https://fastdial.net/static/styles/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload a2ae0%0d%0a2743737e98d was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/a2ae0%0d%0a2743737e98d/common/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:54 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/a2ae0
2743737e98d/common/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2559. https://fastdial.net/static/styles/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 45243%0d%0a1a2ab61232b was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/45243%0d%0a1a2ab61232b/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:07 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/45243
1a2ab61232b/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2560. https://fastdial.net/static/styles/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload e1014%0d%0a573b1d9d5cd was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/common/e1014%0d%0a573b1d9d5cd/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:24 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/common/e1014
573b1d9d5cd/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2561. https://fastdial.net/static/styles/styles/styles/common/styles/common/rsscategory.sc [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 7 is copied into the Location response header. The payload d61f4%0d%0ac3839b3ff21 was submitted in the REST URL parameter 7. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/common/styles/d61f4%0d%0ac3839b3ff21/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:36 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/common/styles/d61f4
c3839b3ff21/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

1.2562. https://fastdial.net/static/styles/styles/styles/common/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 6735c%0d%0ad7ac6bc8186 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /6735c%0d%0ad7ac6bc8186/styles/styles/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:44 GMT
Server: Apache
Location: http://fastdial.net/6735c
d7ac6bc8186/styles/styles/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2563. https://fastdial.net/static/styles/styles/styles/common/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 1a299%0d%0a39018eb0492 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/1a299%0d%0a39018eb0492/styles/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:51:56 GMT
Server: Apache
Location: http://fastdial.net/static/1a299
39018eb0492/styles/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2564. https://fastdial.net/static/styles/styles/styles/common/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload bfa0b%0d%0a51e849edaa5 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/bfa0b%0d%0a51e849edaa5/styles/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:09 GMT
Server: Apache
Location: http://fastdial.net/static/styles/bfa0b
51e849edaa5/styles/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2565. https://fastdial.net/static/styles/styles/styles/common/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload cd5af%0d%0ab85637d871a was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/cd5af%0d%0ab85637d871a/common/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:23 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/cd5af
b85637d871a/common/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2566. https://fastdial.net/static/styles/styles/styles/common/styles/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 76657%0d%0a714d6e3ef40 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/76657%0d%0a714d6e3ef40/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:41 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/76657
714d6e3ef40/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2567. https://fastdial.net/static/styles/styles/styles/common/styles/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/common/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload e3e8b%0d%0a73c4a16ddd3 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/common/e3e8b%0d%0a73c4a16ddd3/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:52:55 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/common/e3e8b
73c4a16ddd3/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2568. https://fastdial.net/static/styles/styles/styles/images/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 27968%0d%0a89ee39bcb8 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /27968%0d%0a89ee39bcb8/styles/styles/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:56:51 GMT
Server: Apache
Location: http://fastdial.net/27968
89ee39bcb8/styles/styles/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2569. https://fastdial.net/static/styles/styles/styles/images/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d54eb%0d%0a45ed87e03cb was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d54eb%0d%0a45ed87e03cb/styles/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:57:08 GMT
Server: Apache
Location: http://fastdial.net/static/d54eb
45ed87e03cb/styles/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2570. https://fastdial.net/static/styles/styles/styles/images/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 8ca8f%0d%0a468d41743d6 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/8ca8f%0d%0a468d41743d6/styles/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:57:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/8ca8f
468d41743d6/styles/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2571. https://fastdial.net/static/styles/styles/styles/images/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload abf33%0d%0ad6c34e177bc was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/abf33%0d%0ad6c34e177bc/images/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:57:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/abf33
d6c34e177bc/images/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2572. https://fastdial.net/static/styles/styles/styles/images/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload b6498%0d%0aa0d37f24692 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/b6498%0d%0aa0d37f24692/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:57:51 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/b6498
a0d37f24692/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2573. https://fastdial.net/static/styles/styles/styles/images/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/images/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 797be%0d%0ae5950751c78 was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/images/797be%0d%0ae5950751c78/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:58:01 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/images/797be
e5950751c78/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2574. https://fastdial.net/static/styles/styles/styles/images/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload cbbdb%0d%0a4db2ef10902 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /cbbdb%0d%0a4db2ef10902/styles/styles/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:56:52 GMT
Server: Apache
Location: http://fastdial.net/cbbdb
4db2ef10902/styles/styles/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2575. https://fastdial.net/static/styles/styles/styles/images/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 9d796%0d%0a0fa55a6e3a1 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/9d796%0d%0a0fa55a6e3a1/styles/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:57:08 GMT
Server: Apache
Location: http://fastdial.net/static/9d796
0fa55a6e3a1/styles/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2576. https://fastdial.net/static/styles/styles/styles/images/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload d09ab%0d%0a03544a4f38b was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/d09ab%0d%0a03544a4f38b/styles/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:57:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/d09ab
03544a4f38b/styles/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2577. https://fastdial.net/static/styles/styles/styles/images/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload c36bf%0d%0ab08f12ee1 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/c36bf%0d%0ab08f12ee1/images/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:57:33 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/c36bf
b08f12ee1/images/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2578. https://fastdial.net/static/styles/styles/styles/images/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/images/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 2651d%0d%0aa9b5ccd6bec was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/2651d%0d%0aa9b5ccd6bec/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:57:47 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/2651d
a9b5ccd6bec/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2579. https://fastdial.net/static/styles/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 4ce0e%0d%0a19b3c41f7ef was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /4ce0e%0d%0a19b3c41f7ef/styles/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:27:54 GMT
Server: Apache
Location: http://fastdial.net/4ce0e
19b3c41f7ef/styles/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2580. https://fastdial.net/static/styles/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 21492%0d%0ae5c5343995e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/21492%0d%0ae5c5343995e/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:28:04 GMT
Server: Apache
Location: http://fastdial.net/static/21492
e5c5343995e/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2581. https://fastdial.net/static/styles/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 52428%0d%0a7b8cd900513 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/52428%0d%0a7b8cd900513/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:28:22 GMT
Server: Apache
Location: http://fastdial.net/static/styles/52428
7b8cd900513/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2582. https://fastdial.net/static/styles/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload d7448%0d%0add1d4130e20 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/d7448%0d%0add1d4130e20/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 19:28:37 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/d7448
dd1d4130e20/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2583. https://fastdial.net/static/styles/styles/styles/scripts/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 80797%0d%0a0c58fd374db was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /80797%0d%0a0c58fd374db/styles/styles/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:55:18 GMT
Server: Apache
Location: http://fastdial.net/80797
0c58fd374db/styles/styles/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2584. https://fastdial.net/static/styles/styles/styles/scripts/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 30728%0d%0ae88660513c0 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/30728%0d%0ae88660513c0/styles/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:55:36 GMT
Server: Apache
Location: http://fastdial.net/static/30728
e88660513c0/styles/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2585. https://fastdial.net/static/styles/styles/styles/scripts/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9cff1%0d%0a6081131959f was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/9cff1%0d%0a6081131959f/styles/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:55:46 GMT
Server: Apache
Location: http://fastdial.net/static/styles/9cff1
6081131959f/styles/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2586. https://fastdial.net/static/styles/styles/styles/scripts/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 68226%0d%0aa5eb74db4bb was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/68226%0d%0aa5eb74db4bb/scripts/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:56:05 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/68226
a5eb74db4bb/scripts/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2587. https://fastdial.net/static/styles/styles/styles/scripts/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/scripts/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e2829%0d%0a43419c557b7 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/e2829%0d%0a43419c557b7/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:56:20 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/e2829
43419c557b7/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2588. https://fastdial.net/static/styles/styles/styles/styles/common/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 981f0%0d%0a6d9a8a4222d was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /981f0%0d%0a6d9a8a4222d/styles/styles/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:02 GMT
Server: Apache
Location: http://fastdial.net/981f0
6d9a8a4222d/styles/styles/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2589. https://fastdial.net/static/styles/styles/styles/styles/common/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 8abb2%0d%0a3b18570563e was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/8abb2%0d%0a3b18570563e/styles/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:16 GMT
Server: Apache
Location: http://fastdial.net/static/8abb2
3b18570563e/styles/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2590. https://fastdial.net/static/styles/styles/styles/styles/common/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 321ff%0d%0adeaa3c191f1 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/321ff%0d%0adeaa3c191f1/styles/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:34 GMT
Server: Apache
Location: http://fastdial.net/static/styles/321ff
deaa3c191f1/styles/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2591. https://fastdial.net/static/styles/styles/styles/styles/common/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload 4b84a%0d%0a8bffca63d21 was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/4b84a%0d%0a8bffca63d21/styles/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:45 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/4b84a
8bffca63d21/styles/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2592. https://fastdial.net/static/styles/styles/styles/styles/common/rsscategory.sc [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload 3636e%0d%0adae8b8267ca was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/3636e%0d%0adae8b8267ca/common/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:55:17 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/3636e
dae8b8267ca/common/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2593. https://fastdial.net/static/styles/styles/styles/styles/common/rsscategory.sc [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/styles/common/rsscategory.sc

Issue detail

The value of REST URL parameter 6 is copied into the Location response header. The payload 47db0%0d%0a774dfa2da4a was submitted in the REST URL parameter 6. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/styles/47db0%0d%0a774dfa2da4a/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:55:35 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/styles/47db0
774dfa2da4a/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2594. https://fastdial.net/static/styles/styles/styles/styles/rsscategory.sc [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8a1ab%0d%0a4f831834848 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /8a1ab%0d%0a4f831834848/styles/styles/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:54:49 GMT
Server: Apache
Location: http://fastdial.net/8a1ab
4f831834848/styles/styles/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2595. https://fastdial.net/static/styles/styles/styles/styles/rsscategory.sc [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload d8b59%0d%0a4cf4e594dfb was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /static/d8b59%0d%0a4cf4e594dfb/styles/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:55:17 GMT
Server: Apache
Location: http://fastdial.net/static/d8b59
4cf4e594dfb/styles/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2596. https://fastdial.net/static/styles/styles/styles/styles/rsscategory.sc [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 9c422%0d%0a2f80917ee04 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /static/styles/9c422%0d%0a2f80917ee04/styles/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:55:31 GMT
Server: Apache
Location: http://fastdial.net/static/styles/9c422
2f80917ee04/styles/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2597. https://fastdial.net/static/styles/styles/styles/styles/rsscategory.sc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 4 is copied into the Location response header. The payload b9982%0d%0a3f4efe1a47b was submitted in the REST URL parameter 4. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/b9982%0d%0a3f4efe1a47b/styles/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:55:48 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/b9982
3f4efe1a47b/styles/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

1.2598. https://fastdial.net/static/styles/styles/styles/styles/rsscategory.sc [REST URL parameter 5] previous

Summary

Severity:	High
Confidence:	Certain
Host:	https://fastdial.net
Path:	/static/styles/styles/styles/styles/rsscategory.sc

Issue detail

The value of REST URL parameter 5 is copied into the Location response header. The payload e5ae7%0d%0a9dd5c11d552 was submitted in the REST URL parameter 5. This caused a response containing an injected HTTP header.

Request

GET /static/styles/styles/styles/e5ae7%0d%0a9dd5c11d552/rsscategory.sc HTTP/1.1
Host: fastdial.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=97C2D450EF49DD5399707ECCDF1FA020.qscstrfrnt04; whoson=963-1287271164005; cookieCheck=enabled; shoppingCartId=expired;

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 16 Oct 2010 21:56:00 GMT
Server: Apache
Location: http://fastdial.net/static/styles/styles/styles/e5ae7
9dd5c11d552/rsscategory.sc
Content-Length: 0
Connection: close
Content-Type: text/plain

Report generated by Hoyt LLC at Sat Oct 16 21:07:54 CDT 2010.